Hi,
Related to my question I was looking at the policies you can set in VC3.
The documentation speaks of an : operator but when I try to apply it
to a rule it is not allowed, probable because I'm doing it wrong.
For instance when I try the following rule in the CLI:
set policy policy-statement
Yes, I've had it enabled and working before. The traffic needs to hit a
firewall rule before it'll be logged; you may also need to adjust the global
log level down from it's current default of warning to informational or lower.
Justin
On Feb 1, 2008 2:12 PM, Go Wow [EMAIL PROTECTED] wrote:
To summarize, traffic does know anything about where it's been. There's no
guarantee that traffic will go back the same route it came in;
asymmetric routing
is very common.
All a router knows is the IP address of the destination packet it
needs to forward;
it'll then use its routing information
Here's what i did, but I don't know why you want to log everything
being drop . Your log could get full in no time, if you have heavy
traffic or a mis-configured host/server etc.
[edit]
[EMAIL PROTECTED] show firewall name securityguard rule 1024
action: drop
log: enable
[edit]