Firewall action log values
Applies To: Forefront Threat Management Gateway (TMG)
The Firewall log can include an action field listing the action performed by the Microsoft Firewall Service for the current session or connection. The values provided in the "Action" field are short strings derived from the names of the enumeration values defined in the FpcAction COM object after deleting the prefix "fpcAction."
The following table lists the possible action values.
| SQL Server Express value | Value | String | Description |
|---|---|---|---|
0 |
NotLogged |
- |
No action was logged. |
1 |
Bind |
Bind |
The Firewall service associated a local address with a socket. |
2 |
Listen |
Listen |
The Firewall service placed a socket in a state in which it listens for an incoming connection. |
3 |
GHBN |
Gethostbyname |
Get host by name request. The Firewall service retrieved host information corresponding to a host name. |
4 |
GHBA |
gethostbyaddr |
Get host by address request. The Firewall service retrieved host information corresponding to a network address. |
5 |
Redirect_Bind |
Redirect Bind |
The Firewall service enabled a connection using a local address associated with a socket. |
6 |
Establish |
Initiated Connection |
The Firewall service established a session. |
7 |
Terminate |
Closed Connection |
The Firewall service terminated a session. |
8 |
Denied |
Denied Connection |
The action requested was denied. |
9 |
Allowed |
Allowed Connection |
The action requested was allowed. |
10 |
Failed |
Failed Connection Attempt |
The action requested failed. |
11 |
Intermediate |
Connection Status |
The action was intermediate. |
12 |
Successful_Connection |
- Initiated VPN Connection |
The Firewall service was successful in establishing a connection to a socket. |
13 |
Unsuccessful_Connection |
Failed VPN Connection Attempt |
The Firewall service was unsuccessful in establishing a connection to a socket. |
14 |
Disconnection |
Closed VPN Connection |
The Firewall service closed a connection on a socket. |
15 |
User_Cleared_Quarantine |
User Cleared Quarantine |
The Firewall service cleared a quarantined virtual private network (VPN) client. |
16 |
Quarantine_Timeout |
Quarantine Timeout |
The Firewall service disqualified a quarantined VPN client after the time-out period elapsed. |