Create a Post
Showing results for 
Search instead for 
Did you mean: 

Unnecessary Bootp Logs being created from checkpoint firewall. Need to stop

Dear All,


We are getting logs of "bootp traffic dropped to on port 67" from multiple checkpoint clusters.
We are not using any DHCP or DHCP relay services in our environment.
Also, we followed the sk104114 to identify if bootp services are running on any interfaces. But no interface was running bootp services in any of our clusters.

May kindly let us know why this log is coming.

Various snapshots are attached.


Checkpoint Mgmt Server: GAIA: R80.40
Checkpoint Gateways: GAIA R80.10 (Load Sharing Unicast)

May kindly let us know why this log is coming. Also, how to stop these logs from getting generated.



Vinodhini R

0 Kudos
2 Replies

Most likely, something on the same LAN as the firewall is generating DHCP requests.
Use tcpdump -eni to verify the MAC address of the device generating the request.
It's most likely NOT the gateway that's doing it since that requires enabling a DHCP client on a given interface.

You can also simply create a rule to drop and not log this traffic, which is what I do in my home lab.

0 Kudos

The logs are not caused by the clusters themselves. At least one machine in your network is sending DHCP requests, look for it.

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events