https://community.checkpoint.com/t5/Firewall-and-Security-Management/Discuss-with-quot-fw6-sam-policy-add-quot/m-p/153910#M25920 <P>I have read it, but test fail. I would like to a detail example now.</P> Wed, 27 Jul 2022 02:47:06 GMT Herschel_Liang 2022-07-27T02:47:06Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Discuss-with-quot-fw6-sam-policy-add-quot/m-p/153855#M25902 <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="微信截图_20220726213200.png" style="width: 999px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/17314iB31DD826E507CD9C/image-size/large?v=v2&amp;px=999" role="button" title="微信截图_20220726213200.png" alt="微信截图_20220726213200.png" /></span></P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="微信截图_20220726213259.png" style="width: 985px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/17315iE09632A731A6A70F/image-size/large?v=v2&amp;px=999" role="button" title="微信截图_20220726213259.png" alt="微信截图_20220726213259.png" /></span></P><P>[Expert@R80.30_GW1:0]# fw6 sam_policy add -a d -l r -t 3600 -n aaa quota service any source cidr:2::2/128 concurrent-conns 1000 fl ush true<BR />add quota: validation failed: Bad source 'cidr:2::2/128' (-5)<BR />[Expert@R80.30_GW1:0]# fw6 sam_policy add -a d -l r -t 3600 -n aaa quota service any source cidr:2::2/12 concurrent-conns 1000 flush true add quota: validation failed: Bad source 'cidr:2::2/12' (-5)<BR />[Expert@R80.30_GW1:0]# fw6 sam_policy add -a d -l r -t 3600 -n aaa quota service any source cidr:"2::2/12" concurrent-conns 1000 flush true<BR />add quota: validation failed: Bad source 'cidr:2::2/12' (-5)<BR />[Expert@R80.30_GW1:0]# fw6 sam_policy add -a d -l r -t 3600 -n aaa quota service any source "cidr:2::2/12" concurrent-conns 1000 flush true<BR />add quota: validation failed: Bad source 'cidr:2::2/12' (-5)<BR />[Expert@R80.30_GW1:0]#</P><P>&nbsp;</P><P>I want to block the IPv6 malicious source addresses via the SAM rule and have tried many many times, but it seems that suffer from a syntax issue. Who can tell me what is wrong with it? THX!</P> Tue, 26 Jul 2022 13:36:17 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Discuss-with-quot-fw6-sam-policy-add-quot/m-p/153855#M25902 Herschel_Liang 2022-07-26T13:36:17Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Discuss-with-quot-fw6-sam-policy-add-quot/m-p/153868#M25906 <P>Perhaps instead of doing this with sam_policy, use:<BR /><A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk112454" target="_blank">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk112454</A></P> <P>&nbsp;</P> Tue, 26 Jul 2022 15:24:16 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Discuss-with-quot-fw6-sam-policy-add-quot/m-p/153868#M25906 PhoneBoy 2022-07-26T15:24:16Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Discuss-with-quot-fw6-sam-policy-add-quot/m-p/153910#M25920 <P>I have read it, but test fail. I would like to a detail example now.</P> Wed, 27 Jul 2022 02:47:06 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Discuss-with-quot-fw6-sam-policy-add-quot/m-p/153910#M25920 Herschel_Liang 2022-07-27T02:47:06Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Discuss-with-quot-fw6-sam-policy-add-quot/m-p/154007#M25999 <P>What precise fwaccel6 dos commands did you try and what were their precise results?</P> Wed, 27 Jul 2022 14:51:24 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Discuss-with-quot-fw6-sam-policy-add-quot/m-p/154007#M25999 PhoneBoy 2022-07-27T14:51:24Z