No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


Log Reference

AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 V200R007

This document supports all the logs of device, including the parameters, meaning, possible causes and solution.

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).



DLP/4/ABNFILE(l): An abnormal file was transmitted. (SyslogId=[syslog-id], Policy=[policy-name], SrcIp=[source-ip], DstIp=[destination-ip], SrcPort=[source-port], DstPort=[destination-port], SrcZone=[source-zone], DstZone=[destination-zone], Protocol=[protocol], Application=[application-name], Direction=[direction], FileName=[file-name], Abnormal=[abnormal], Action=[action])


Anomalies were detected in a file being transmitted.


Parameter Name Parameter Meaning
syslog-id Log ID
policy-name Name of the security policy
source-ip Source IP address of packets
destination-ip Destination IP address of packets
source-port Source port of packets (the value is 0 for ICMP packets)
destination-port Destination port of packets (the value is 0 for ICMP packets)
source-zone Source security zone of packets
destination-zone Destination security zone of packets
protocol Protocol of the packets matching the signature
application-name Protocol that carries the packets
direction File transfer direction
file-name Name of the filtered file
abnormal Types of file anomalies:
  • false extension file
  • malformed file
  • unknown file
  • decompress overdepth
  • decompress oversize
action Action for the signature
  • Alert
  • Block

Possible Causes

The type of the file being transmitted did not match its file name extension.


  1. This log message indicates a normal situation, and no action is required.
Updated: 2019-05-29

Document ID: EDOC1000097209

Views: 134050

Downloads: 189

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Previous Next