cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Is there a way to supress logs from specific host

In Dashboard, under Global properties -> Stateful Inspection, there are some options to drop and Log Out of state Packets.
I want these features enabled,  but under the Exception button you can only make an Exception by gateway.      Does anybody know if there is a way to make a global exception for a specific host.    We want the firewall to continue to drop these packets,  but I don't need to send the information(from one host) to our logging server.

2 Replies
Vladimir
Pearl

Re: Is there a way to supress logs from specific host

If you want to actually permit out of state and avoid logging it, you may try this one:

Depending on CP's interpretation of "Sequence" and "State", it may just do the trick.

Otherwise, I suspect you'll have to disable it globally, create new custom SmartEvent for "out of state" and define exception there.

Re: Is there a way to supress logs from specific host

SmartView Tracker shows multiple logs for dropped 'TCP out of state' packets is the right SK for your requirement. It shows a way to allow specific connections to bypass "out-of-state checking" using INSPECT syntax.