cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

McAfee Firewall (Sidewinder) Logs - session end and session drop differences

Hi All,

Anyone can assist in explaining the difference in the event: session end and event: session drop?

2014-11-23 11:26:02 -0300 f_kernel_ipfilter a_general_area t_nettraffic p_major

hostname: sinacofi1.rbi.cl event: session end application: FTP

netsessid: c7c8f5471ee79 src_geo: CL srcip: 168.231.1.15 srcport: 37175

srczone: internal protocol: 6 dst_geo: CL dstip: 163.250.1.7

dstport: 52822 dstzone: external bytes_written_to_client: 7102

bytes_written_to_server: 0 rule_name: ftp-lab-interside cache_hit: 0

start_time: 2014-11-23 11:26:01 -0300

2014-11-23 11:11:23 -0300 f_kernel_ipfilter a_general_area t_nettraffic p_major

hostname: sinacofi1.rbi.cl event: session drop application: FTP

netsessid: 559155471eb0b src_geo: CL srcip: 168.231.1.15 srcport: 25458

srczone: internal protocol: 6 dst_geo: CL dstip: 163.250.1.7 dstport: 21

dstzone: external rule_name: ftp-lab-interside cache_hit: 0

start_time: 2014-11-23 11:11:23 -0300

Does it means that for event: session end, the connection was successful, completed and ended, thus a session end log?

Where else for event: session drop, the connection was denied/blocked thus drop?

Appreciate your assistance in this. Thank you.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community