You can use the Internet Connection Firewall security logging feature to create a security log of firewall activity. Internet Connection Firewall can log both traffic that is permitted and traffic that is rejected. For example, by default, incoming echo requests from the Internet are not permitted by Internet Connection Firewall. If the Internet Control Message Protocol (ICMP) Allow incoming echo request setting is not turned on, the inbound request does not succeed, and a log entry that notes the unsuccessful inbound attempt is generated.

You can modify the behaviour of Internet Connection Firewall by turning on various ICMP options, such as

• Allow incoming echo request,
• Allow incoming timestamp request,
• Allow incoming router request, and
• Allow redirect.

You can set the permitted size of the security log to prevent an overflow that might be caused by denial-of-service attacks. Event logging is generated in the Extended Log File Format as established by the World Wide Web Consortium (W3C).