/
History Page

History Page

Jan 09, 2026

The History page is the most powerful tool for troubleshooting. To open the page, click the FIREWALL tab and select History.

The History page displays all sessions when the slot ends. TCP sessions usually end with the FIN-FINACK-ACK sequence. This is displayed as Normal operation in the Info column. Resets are terminated with Session idle timeout or Last ACK timeout. For the stateless UDP and ICMP protocols, "pseudo" sessions are created that usually end with a timeout.

The following information is provided for each session:

  • AID – Access ID, including an icon for established connections (green), blocked connections (red), and impaired connections (yellow), and consecutive numbering for all connections.

  • IP Proto – The protocol used. For example, TCP, UDP, or ICMP.

  • Port – The destination port (or internal ICMP ID).

  • Source – The source IP address.

  • User – The username of the affected user and group.

  • Destination – The destination IP address.

  • Destination Info – Destination Info is a compound string of multiple partial names/symbols and relates to the template:

  • Output-IF – The outgoing interface.

  • Next Hop – The next hop.

  • Application – The name of the affected application, e.g., Web browsing, Ubuntu Update.

  • Application Context – The context of the affected application., e.g., www.barracuda.com

  • Count The number of tries. The counter applies when a connection attempt hits a specific rule with Firewall History Entry enabled in the Advanced rule configuration. Removal of old entries is handled according to a fixed buffer size that can be adjusted in the Infrastructure Services > General Firewall Configuration > History Cache page.

  • Last – Time passed since the last try.

  • Rule – The name of the affected firewall rule.

  • Info – Additional information.

  • Org – Origin. The value can be one of the following:

    • LIN – Local In; incoming traffic on the box firewall.

    • LOUT – Local Out; outgoing traffic from the box firewall.

    • LB – Loopback; traffic via the loopback interface.

    • FWD – Forwarding; outbound traffic via the forwarding firewall.

    • IFWD – Inbound Forwarding; inbound traffic to the firewall.

    • PXY – Proxy; outbound traffic via the proxy.

    • IPXY – Inbound Proxy; inbound traffic via the proxy.

    • TAP – Transparent Application Proxying; traffic via the virtual interface.

    • LRD – Local Redirect; redirect traffic configured in forwarding ruleset.

  • MAC – The MAC address of the interface.

  • Src NAT – The source NAT address.

  • Dst NAT – The destination NAT address.

  • Out Route – Unicast or local.

  • Protocol – The affected protocol.

  • Src./Dst. Geo – The geographic source/destination of the active connection.

  • URL Category– Category of the destination URL.

  • Src. Named Network – The compound string of a named network used for a source.
    Example: example.com///Location-51/Department-18/Devices-3

  • Dst. Named Network – The compound string of a named network used for a destination.
    Example: example.com///Location-51/Department-18/Devices-3

  • Src. VR Instance – The source IP address of a virtual router instance.

  • Dst. VR Instance – The destination IP address of a virtual router instance.

  • Source Info – Source Info is a compound string of multiple partial names/symbols and relates to the template:

    • Source Geo: An icon that is either

      • a flag symbol that relates to the state at the given geo-location

      • a symbol of a house that stands for a private IP address

    • EITHER:

      • Source IP: the source IP address that is associated with the geographical information (Geo-IP).
        Example: 

    • OR:

      • Named Network: If the IP address is defined by a named network, then the name of the Named Network is used.

  • Destination Info – Destination Info is a compound string of multiple partial names/symbols and relates to the template:

    • Destination Geo: An icon that is either

      • a flag symbol that relates to the state at the given geo-location

      • a symbol of a house that stands for a private IP address

    • EITHER:

      • Destination IP: the destination IP address that is associated with the geographical information (Geo-IP).
        Example: 

    • OR:

      • Named Network: If the IP address is defined by a named network, then the name of the Named Network is used.

  • Interface – The name of the interface is a compound of multiple partial names and relates to the template:

    • Output interface (see also Output-IF in this list)

    • "@"

    • (Optional): Name of the tunnel

    • Name of the box

    • "_"

    • (Optional): Name of the cluster

    • "_"

    • (Optional): Name of the range
      Example: pvpn0@PGRP-MYBOX_Cluster2_1

We value your feedback.
If you have questions, suggestions, or feedback on our documentation, contact the Campus Product Documentation team.
For general product inquiries or technical support, please contact the global Barracuda Support team.