Knowledge Search


What is an illegal packet?

  [KB5656] Show KB Properties

  [KB5656] Hide KB Properties

Knowledge Base ID: KB5656
Last Updated: 26 May 2010
Version: 5.0

What is an illegal packet?

Problem or Goal:
  • Get counter shows illegal pak incrementing
  • What is an illegal packet?

For ScreenOS 5.4 and later, the 'illegal pak' counter increases under the following conditions:

At the L2 flow level (Transparent mode):
  1. On L2 flow level, if the firewall receives a PPP packet, this counter is incremented because PPP is not supported
  2. Any other L2 packets which are not supported will increment this counter
At the L3 flow level (Route mode):
  1. If TCP SYN check is enabled (set flow tcp-syn-check), and the firewall receives a non-SYN packet
  2. Invalid source or destination IP address ( All Zero or ones)
  3. First packet is a DNS reply
  4. Firewall user authentication limit has exceeded
  5. Wrong TCP length


Related Links:

Copyright© 1999-2012 Juniper Networks, Inc. All rights reserved.