You router may be object of an attack. See the "Error Message Decoder" from Cisco:
1. %FW-4-HOST_TCP_ALERT_ON: Max tcp half-open connections ([dec]) exceeded for host [IP_address].
The max-incomplete host limit of half-open TCP connections has been exceeded. This message indicates that a high number of half-open connections is coming to the protected server, and it may indicate that a SYN flood atta ck is in progress and is targeted to the specified server host.
Recommended Action: This message is for informational purposes only, but it may indicate that a SYN flood attack was attempted. If this alert is issued frequently and identified to be mostly false alarms, then the max-incomplete host threshold va lue is probably set too low, and there is a significant amount of legitimate traffic coming into that server. In this case, the max-incomplete host parameter should be set to a higher number to avoid false alarms.
1. %FW-3-SMTP_INVALID_COMMAND: Invalid SMTP command ([chars])(total [dec] chars) from initiator ([IP_address]:[dec])
The CBAC code detected an invalid SMTP command in the inspected SMTP connection. This message indicates that a suspicious violation was detected that may be an attack on the mail server system. The command is rejected, and the c onnection is immediately reset by the firewall.
Recommended Action: This message is for informational purposes only, but it may indicate a security problem.