Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Sharma_Harsh
New Contributor

Created on ‎05-30-2018 04:17 AM

What does srccountry="Reserved" mean? 

Firewall Logs from FG-800c 
Here is a sample from the log: almost 20% logs have either srccountry='Reserved' or dstcountry='Reserved'
'2018-03-31T03:49:00.493663+05:30 * date=2018-03-31 time=03:49:00 devname=FG800C3G11614133 devid=FG800C3913802529 logid=0000000013 type=traffic subtype=forward level=notice vd=root srcip=10.208.23.164 srcname=RedmiNote4-Redmi srcport=63956 srcintf="port3" dstip=96.45.33.73 dstport=8888 dstintf="wan1" sessionid=2579982575 status=deny policyid=0 dstcountry="United States" srccountry="Reserved" trandisp=noop service=8888/udp proto=17 duration=0 sentbyte=0 rcvdbyte=0 devtype="Windows PC" osname="Windows" osversion="7" unauthuser=* unauthusersource="imap" mastersrcmac=00:15:17:76:54:29 srcmac=00:15:17:76:54:29 crscore=2432696350 craction=131072'

Labels:
12497
0 Kudos
3 REPLIES 3
Lukino
New Contributor

Created on ‎05-30-2018 05:47 AM

I think it means that the source address is a private IP

7556
0 Kudos
Kenundrum
Contributor III
In response to Lukino

Created on ‎05-30-2018 07:11 AM

Yes- it is referring to RFC1918 and other private use IP addresses not assigned to the public internet.

CISSP, NSE4

 

CISSP, NSE4
7556
0 Kudos
emnoc
Esteemed Contributor III
In response to Kenundrum

Created on ‎05-30-2018 08:22 AM

yes reserved and never to be use outside of that here's some more geoip  tips

 

http://socpuppet.blogspot.com/2017/08/fortios-geoip-tips.html

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
7556
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.