My logfile shows a small percentage (<0,1%) of rule-0-dropped packets for an
allowed and heavily used access from the internet to an internal (DMZ) device via
NAT. Our security policy is enforced inbound. All accepted connections are
logged incoming on the external interface.
The dropped connections (or packets?) are logged incoming on the internal
interface, even though the source IP is external. The info field only shows
something like len40. It seems that most of the dropped connections/packets are
coming from a certain source IP, but there are a lot of other IPs dropped too.
Cheers,
Olaf