Clean-Up / Drop-All rule still fails to work properly.

Hi Big_Buck,

      Thanks for your feedback, I will send you PM for more details purpose.

It behaves EXACTLY the same as all XG versions so far.

I have already posted here many times regarding this.  And I raised a case regarding this many months ago.

Paul Jr

Hello Paul,

do you really see this behaviour on 17.x?

I am using a similar rule on SFOS 17.5 MR7 and it works (drops packets, writes corresponding log entry).

Best regards,
Bernd

Yes everywhere on any machine.

The same firewall rule on an XG210rev3 running v17.5.8

You see this ???

Firewall rule 21 should clearly "drop", yet the log viewer show "accepted".  Who I'm I supposed to believe ???  This is a firewall Jesus !!!  It's no device one should assume something is while the device says it's not !!!  It has been like this for years now !!!  Firewall 101 has to be more serious than that !!!

Paul Jr

I may be able to explain the Rootcause for this behavior.

Maybe you notice, a drop rule will also load the proxy for this traffic. (The yellow "WEB" is in every drop rule).

All "green" rules are basically web traffic, because the firewall ruleset will properly give this traffic to proxy to drop it via proxy. 

So in case of the firewall rule set, its a "allowed" traffic but the proxy will deny it. 

Thats my observation. 

But.  When a rule is "Drop", proxy is supposed to be disabled.  In the menu, it is NOT accessible.  HTTPS settings are not even visible.  That's yet another thing to fix.

Paul Jr

On my system the rule is working. We have the WEB Proxy NOT enabled.

The sytem is running SFOS 17.5.8 MR-8.