| ID | Event | Notes |
| 100 | Out Of Connection | A packet was received that was not associated with an existing connection. |
| 101 | Invalid Flags | Flag(s) set in packet were invalid. This could be due to a flag that does not make sense within the context of a current connection (if any), or due to a nonsensical combination of flags. (Firewall Stateful Configuration must be On for connection context to be assessed.) |
| 102 | Invalid Sequence | A packet with an invalid sequence number or out-of-window data size was encountered. |
| 103 | Invalid ACK | A packet with an invalid acknowledgement number was encountered. |
| 104 | Internal Error | |
| 105 | CE Flags | The CWR or ECE flags were set and the Firewall Stateful Configuration specifies that these packets should be denied. |
| 106 | Invalid IP | Packet's source IP was not valid. |
| 107 | Invalid IP Datagram Length | The length of the IP datagram is less than the length specified in the IP header. |
| 108 | Fragmented | A fragmented packet was encountered with deny fragmented packets disallowed enabled. |
| 109 | Invalid Fragment Offset | |
| 110 | First Fragment Too Small | A fragmented packet was encountered, the size of the fragment was less than the size of a TCP packet (no data). |
| 111 | Fragment Out Of Bounds | The offsets(s) specified in a fragmented packet sequence is outside the range of the maximum size of a datagram. |
| 112 | Fragment Offset Too Small | A fragmented packet was encountered, the size of the fragment was less than the size of a TCP packet (no data). |
| 113 | IPv6 Packet | An IPv6 Packet was encountered, and IPv6 blocking is enabled. |
| 114 | Max Incoming Connections | The number of incoming connections has exceeded the maximum number of connections allowed. |
| 115 | Max Outgoing Connections | The number of outgoing connections has exceeded the maximum number of connections allowed. |
| 116 | Max SYN Sent | The number of half open connections from a single computer exceeds that specified in the Firewall Stateful Configuration. |
| 117 | License Expired | |
| 118 | IP Version Unknown | An IP packet other than IPv4 or IPv6 was encountered. |
| 119 | Invalid Packet Info | |
| 120 | Internal Engine Error | Insufficient resources. |
| 121 | Unsolicited UDP | Incoming UDP packets that were not solicited by the computer are rejected. |
| 122 | Unsolicited ICMP | ICMP stateful has been enabled (in Firewall Stateful Configuration) and an unsolicited packet that does not match any Force Allow rules was received. |
| 123 | Out Of Allowed Policy | The packet does not meet any of the Allow or Force Allow rules and so is implicitly denied. |
| 124 | Invalid Port Command | An invalid FTP port command was encountered in the FTP control channel data stream. |
| 125 | SYN Cookie Error | The SYN cookies protection mechanism encountered an error. |
| 126 | Invalid Data Offset | Invalid data offset parameter. |
| 127 | No IP Header | |
| 128 | Unreadable Ethernet Header | Data contained in this Ethernet frame is smaller than the Ethernet header. |
| 129 | Undefined | |
| 130 | Same Source and Destination IP | Source and destination IPs were identical. |
| 131 | Invalid TCP Header Length | |
| 132 | Unreadable Protocol Header | The packet contains an unreadable TCP, UDP or ICMP header. |
| 133 | Unreadable IPv4 Header | The packet contains an unreadable IPv4 header. |
| 134 | Unknown IP Version | Unrecognized IP version. |
| 135 | Invalid Adapter Configuration | An invalid adapter configuration has been received. |
| 136 | Overlapping Fragment | This packet fragment overlaps a previously sent fragment. |
| 137 | Maximum ACK Retransmit | This retransmitted ACK packet exceeds the ACK storm protection threshold. |
| 138 | Packet on Closed Connection | A packet was received belonging to a connection already closed. |
| 139 | Dropped Retransmit | Dropped Retransmit. |
| 140 | Undefined | |
| 141 | Out of Allowed Policy (Open Port) | |
| 142 | New Connection Initiated | |
| 143 | Invalid Checksum | |
| 144 | Invalid Hook Used | |
| 145 | IP Zero Payload | |
| 146 | IPv6 Source Is Multicast | |
| 147 | Invalid IPv6 Address | |
| 148 | IPv6 Fragment Too Small | |
| 149 | Invalid Transport Header Length | |
| 150 | Out of Memory | |
| 151 | Max TCP Connections | |
| 152 | Max UDP Connections | |
| 200 | Region Too Big | A region (edit region, uri etc) exceeded the maximum allowed buffering size (7570 bytes) without being closed. This is usually because the data does not conform to the protocol. |
| 201 | Insufficient Memory | The packet could not be processed properly because resources were exhausted. This can be because too many concurrent connections require buffering (max 2048) or matching resources (max 128) at the same time or because of excessive matches in a single IP packet (max 2048) or simply because the system is out of memory. |
| 202 | Maximum Edits Exceeded | The maximum number of edits (32) in a single region of a packet was exceeded. |
| 203 | Edit Too Large | Editing attempted to increase the size of the region above the maximum allowed size (8188 bytes). |
| 204 | Max Matches in Packet Exceeded | There are more than 2048 positions in the packet with pattern match occurrences. An error is returned at this limit and the connection is dropped because this usually indicates a garbage or evasive packet. |
| 205 | Engine Call Stack Too Deep | |
| 206 | Runtime Error | Runtime error. |
| 207 | Packet Read Error | Low level problem reading packet data. |
| 300 | Unsupported Cipher | An unknown or unsupported Cipher Suite has been requested. |
| 301 | Error Generating Master Key(s) | Unable to derive the cryptographic keys, Mac secrets, and initialization vectors from the master secret. |
| 302 | Record Layer Message (not ready) | The SSL state engine has encountered an SSL record before initialization of the session. |
| 303 | Handshake Message (not ready) | The SSL state engine has encountered a handshake message after the handshake has been negotiated. |
| 304 | Out Of Order Handshake Message | A well formatted handshake message has been encountered out of sequence. |
| 305 | Memory Allocation Error | The packet could not be processed properly because resources were exhausted. This can be because too many concurrent connections require buffering (max 2048) or matching resources (max 128) at the same time or because of excessive matches in a single IP packet (max 2048) or simply because the system is out of memory. |
| 306 | Unsupported SSL Version | A client attempted to negotiate an SSL V2 session. |
| 307 | Error Decrypting Pre-master Key | Unable to un-wrap the pre-master secret from the ClientKeyExchange message. |
| 308 | Client Attempted to Rollback | A client attempted to rollback to an earlier version of the SSL protocol than that which was specified in the ClientHello message. |
| 309 | Renewal Error | An SSL session was being requested with a cached session key that could not be located. |
| 310 | Key Exchange Error | The server is attempting to establish an SSL session with temporarily generated key. |
| 311 | Maximum SSL Key Exchanges Exceeded | The maximum number of concurrent key exchange requests was exceeded. |
| 312 | Key Too Large | The master secret keys are larger than specified by the protocol identifier. |
| 313 | Invalid Parameters In Handshake | An invalid or unreasonable value was encountered while trying to decode the handshake protocol. |
| 314 | No Sessions Available | |
| 315 | Compression Method Unsupported | |
| 316 | Unsupported Application-Layer Protocol | An unknown or unsupported SSL Application-Layer Protocol has been requested. |
| 500 | URI Path Depth Exceeded | Too many "/" separators. Max 100 path depth. |
| 501 | Invalid Traversal | Tried to use "../" above root. |
| 502 | Illegal Character in URI | Illegal character used in uri. |
| 503 | Incomplete UTF8 Sequence | URI ended in middle of utf8 sequence. |
| 504 | Invalid UTF8 encoding | Invalid/non-canonical encoding attempt. |
| 505 | Invalid Hex Encoding | %nn where nn are not hex digits. |
| 506 | URI Path Length Too Long | Path length is greater than 512 characters. |
| 507 | Invalid Use of Character | Use of disabled characters |
| 508 | Double Decoding Exploit | Double decoding exploit attempt (%25xx, %25%xxd, etc). |
| 700 | Invalid Base64 Content | Packet content that was expected to be encoded in Base64 format was not encoded correctly. |
| 710 | Corrupted Deflate/GZIP Content | Packet content that was expected to be encoded in Base64 format was not encoded correctly. |
| 711 | Incomplete Deflate/GZIP Content | Incomplete Deflate/GZIP Content |
| 712 | Deflate/GZIP Checksum Error | Deflate/GZIP Checksum Error. |
| 713 | Unsupported Deflate/GZIP Dictionary | Unsupported Deflate/GZIP Dictionary. |
| 714 | Unsupported GZIP Header Format/Method | Unsupported GZIP Header Format/Method. |
| 801 | Protocol Decoding Search Limit Exceeded | A protocol decoding rule defined a limit for a search or pdu object but the object was not found before the limit was reached. |
| 802 | Protocol Decoding Constraint Error | A protocol decoding rule decoded data that did not meet the protocol content constraints. |
| 803 | Protocol Decoding Engine Internal Error | |
| 804 | Protocol Decoding Structure Too Deep | A protocol decoding rule encountered a type definition and packet content that caused the maximum type nesting depth (16) to be exceeded. |
| 805 | Protocol Decoding Stack Error | A rule programming error attempted to cause recursion or use to many nested procedure calls. |
| 806 | Infinite Data Loop Error |