-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 06/28/2016 12:03 AM, Thomas Schneider wrote:
> Update: I have adjusted some rules as follows: ## Permit ping
> access Ping(ACCEPT)loc,fb $FW Ping(ACCEPT)$FW
> loc,fb Ping(ACCEPT)fb loc,dmz
>
> ## Drop ping access
Hello Tom,
I have no doubts in your analysis of the dump.
However, I have no idea about the right conclusions.
You're pointing to some rules stating "no rule matches the traffic".
This confirms my assumption, but I'm not sure what to configure.
These are the current rules for ping/traceroute:
##
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 06/29/2016 01:24 PM, Thomas Schneider wrote:
> Hello Tom,
>
> I have no doubts in your analysis of the dump.
>
> However, I have no idea about the right conclusions. You're
> pointing to some rules stating "no rule matches the traffic". This
> c
