You're probably logging implicit rules. It's a checkbox in the GUI under Policy -> Options.
Chris -----Original Message----- From: Yanek Korff [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 20, 2001 15.23 To: [EMAIL PROTECTED] Subject: [FW-1] local interface address spoofing? I'm getting quite a few logs of the following format: Type: log Action: drop Service: <hiport> Source: <internal network broadcast address> Destination: <internal host> Proto: icmp Rule: 0 S_Port: 771 Info: reason: local interface address spoofing. Now, on that interface, I have anti-spoofing set to alert, and even if I set it to none, the logs still show up. I do not have any explicit or implicit rules to allow ICMP. What's going on here, and how do I stop from having these logged? -Yanek. =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html =============================================== =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
