I'm getting quite a few logs of the following format: Type: log Action: drop Service: <hiport> Source: <internal network broadcast address> Destination: <internal host> Proto: icmp Rule: 0 S_Port: 771 Info: reason: local interface address spoofing.
Now, on that interface, I have anti-spoofing set to alert, and even if I set it to none, the logs still show up. I do not have any explicit or implicit rules to allow ICMP. What's going on here, and how do I stop from having these logged? -Yanek. =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
