Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Participant

Is there a way to supress logs from specific host

In Dashboard, under Global properties -> Stateful Inspection, there are some options to drop and Log Out of state Packets.
I want these features enabled,  but under the Exception button you can only make an Exception by gateway.      Does anybody know if there is a way to make a global exception for a specific host.    We want the firewall to continue to drop these packets,  but I don't need to send the information(from one host) to our logging server.

2 Replies
Highlighted
Champion
Champion

If you want to actually permit out of state and avoid logging it, you may try this one:

Depending on CP's interpretation of "Sequence" and "State", it may just do the trick.

Otherwise, I suspect you'll have to disable it globally, create new custom SmartEvent for "out of state" and define exception there.

Highlighted

SmartView Tracker shows multiple logs for dropped 'TCP out of state' packets is the right SK for your requirement. It shows a way to allow specific connections to bypass "out-of-state checking" using INSPECT syntax.