20000026

Meaning
HTTP Protocol Constraints violation.

Field name	Description
`log_id`	20000026 See Log ID numbers.
`main_type`	HTTP Protocol Constraints
`subtype`	Header Length Violation Header Line Violation Body Length Violation Content Length Violation Parameter Length Violation HTTP Request Length Violation URL Parameter Length Violation Illegal HTTP Version Cookie Number Overflow Request Header Line number Overflow URL Parameter Number Overflow Illegal Hostname Range Header Violation Illegal HTTP Method Illegal Content Length Illegal Content Type Illegal Response Code Missing POST Content Type Body Parameter Length Violation Header Name Length Violation Header Value Length Violation NULL Character in Parameter Name NULL Character in Paramter Value Illegal Header Name Illegal Header Value HTTP Request Filename Violation Web Socket Protocol Illegal Frame Type Illegal Frame Flag Illegal Connection Preface HTTP/2 Header Table Size Overflow HTTP/2 Concurrent Stream Number Overflow HTTP/2 Initial Window Size Overflow HTTP/2 Frame Size Overflow HTTP/2 Header List Overflow Illegal URL Parameter Name Illegal URL Parameter Value URL Parameter Name Overflow URL Parameter Value Overflow NULL Character in URL Illegal Character in URL Redundant HTTP Header Malformed URL Illegal Chunk Size HTTP Parsing Error HTTP Duplicated Parameter Name Odd and Even Space Attack

Examples
date=2022-07-10 time=16:22:35 log_id=20000026 msg_id=000000174073 device_id=FVVM08TM21000756 vd="root" timezone="(GMT-8:00)Pacific Time(US&Canada)" timezone_dayst="GMTa+7" type=attack pri=alert main_type="HTTP Protocol Constraints" sub_type="Content Length Violation" trigger_policy="N/A" severity_level=High proto=tcp service=http backend_service=unknown action=Alert_Deny policy="FWB_Policy_Default_AutoTest" src=192.168.1.8 src_port=54443 dst=10.102.0.1 dst_port=80 http_method=post http_url="/autotest/protocalConstrait" http_host="vote3.contentlen.com.cn" http_agent="Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10" http_session_id=none msg="[policy_name=FWB_protocol_constraints] : Content Length Exceeded: (The content length (1232) exceeded the maximum allowed - 1024)" signature_subclass="N/A" signature_id="N/A" signature_cve_id="N/A" srccountry="Reserved" content_switch_name="none" server_pool_name="FWB_server_pool" false_positive_mitigation="none" user_name="Unknown" monitor_status="Disabled" http_refer="none" http_version="1.x" dev_id="none" es=0 threat_weight=25 history_threat_weight=0 threat_level=Moderate ftp_mode="N/A" ftp_cmd="N/A" cipher_suite="none" ml_log_hmm_probability=0.000000 ml_log_sample_prob_mean=0.000000 ml_log_sample_arglen_mean=0.000000 ml_log_arglen=0 ml_svm_log_main_types=0 ml_svm_log_match_types="none" ml_svm_accuracy="none" ml_domain_index=0 ml_url_dbid=0 ml_arg_dbid=0 ml_allow_method="none" owasp_top10="A05:2021-Security Misconfiguration" bot_info="none" client_level="Unidentified" x509_cert_subject="none"

Examples

date=2022-07-10 time=16:22:35 log_id=20000026 msg_id=000000174073 device_id=FVVM08TM21000756 vd="root" timezone="(GMT-8:00)Pacific Time(US&Canada)" timezone_dayst="GMTa+7" type=attack pri=alert main_type="HTTP Protocol Constraints" sub_type="Content Length Violation" trigger_policy="N/A" severity_level=High proto=tcp service=http backend_service=unknown action=Alert_Deny policy="FWB_Policy_Default_AutoTest" src=192.168.1.8 src_port=54443 dst=10.102.0.1 dst_port=80 http_method=post http_url="/autotest/protocalConstrait" http_host="vote3.contentlen.com.cn" http_agent="Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10" http_session_id=none msg="[policy_name=FWB_protocol_constraints] : Content Length Exceeded: (The content length (1232) exceeded the maximum allowed - 1024)" signature_subclass="N/A" signature_id="N/A" signature_cve_id="N/A" srccountry="Reserved" content_switch_name="none" server_pool_name="FWB_server_pool" false_positive_mitigation="none" user_name="Unknown" monitor_status="Disabled" http_refer="none" http_version="1.x" dev_id="none" es=0 threat_weight=25 history_threat_weight=0 threat_level=Moderate ftp_mode="N/A" ftp_cmd="N/A" cipher_suite="none" ml_log_hmm_probability=0.000000 ml_log_sample_prob_mean=0.000000 ml_log_sample_arglen_mean=0.000000 ml_log_arglen=0 ml_svm_log_main_types=0 ml_svm_log_match_types="none" ml_svm_accuracy="none" ml_domain_index=0 ml_url_dbid=0 ml_arg_dbid=0 ml_allow_method="none" owasp_top10="A05:2021-Security Misconfiguration" bot_info="none" client_level="Unidentified" x509_cert_subject="none"

Meaning
HTTP Protocol Constraints violation.

Field name	Description
`log_id`	20000026 See Log ID numbers.
`main_type`	HTTP Protocol Constraints
`subtype`	Header Length Violation Header Line Violation Body Length Violation Content Length Violation Parameter Length Violation HTTP Request Length Violation URL Parameter Length Violation Illegal HTTP Version Cookie Number Overflow Request Header Line number Overflow URL Parameter Number Overflow Illegal Hostname Range Header Violation Illegal HTTP Method Illegal Content Length Illegal Content Type Illegal Response Code Missing POST Content Type Body Parameter Length Violation Header Name Length Violation Header Value Length Violation NULL Character in Parameter Name NULL Character in Paramter Value Illegal Header Name Illegal Header Value HTTP Request Filename Violation Web Socket Protocol Illegal Frame Type Illegal Frame Flag Illegal Connection Preface HTTP/2 Header Table Size Overflow HTTP/2 Concurrent Stream Number Overflow HTTP/2 Initial Window Size Overflow HTTP/2 Frame Size Overflow HTTP/2 Header List Overflow Illegal URL Parameter Name Illegal URL Parameter Value URL Parameter Name Overflow URL Parameter Value Overflow NULL Character in URL Illegal Character in URL Redundant HTTP Header Malformed URL Illegal Chunk Size HTTP Parsing Error HTTP Duplicated Parameter Name Odd and Even Space Attack

Examples
date=2022-07-10 time=16:22:35 log_id=20000026 msg_id=000000174073 device_id=FVVM08TM21000756 vd="root" timezone="(GMT-8:00)Pacific Time(US&Canada)" timezone_dayst="GMTa+7" type=attack pri=alert main_type="HTTP Protocol Constraints" sub_type="Content Length Violation" trigger_policy="N/A" severity_level=High proto=tcp service=http backend_service=unknown action=Alert_Deny policy="FWB_Policy_Default_AutoTest" src=192.168.1.8 src_port=54443 dst=10.102.0.1 dst_port=80 http_method=post http_url="/autotest/protocalConstrait" http_host="vote3.contentlen.com.cn" http_agent="Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10" http_session_id=none msg="[policy_name=FWB_protocol_constraints] : Content Length Exceeded: (The content length (1232) exceeded the maximum allowed - 1024)" signature_subclass="N/A" signature_id="N/A" signature_cve_id="N/A" srccountry="Reserved" content_switch_name="none" server_pool_name="FWB_server_pool" false_positive_mitigation="none" user_name="Unknown" monitor_status="Disabled" http_refer="none" http_version="1.x" dev_id="none" es=0 threat_weight=25 history_threat_weight=0 threat_level=Moderate ftp_mode="N/A" ftp_cmd="N/A" cipher_suite="none" ml_log_hmm_probability=0.000000 ml_log_sample_prob_mean=0.000000 ml_log_sample_arglen_mean=0.000000 ml_log_arglen=0 ml_svm_log_main_types=0 ml_svm_log_match_types="none" ml_svm_accuracy="none" ml_domain_index=0 ml_url_dbid=0 ml_arg_dbid=0 ml_allow_method="none" owasp_top10="A05:2021-Security Misconfiguration" bot_info="none" client_level="Unidentified" x509_cert_subject="none"

Examples