I have this weird issue I have been trying to get around in my R81.10 lab. I have a layered policy that I have been using for all internet traffic (Main rule No 13).
source = all of my LAN networks
destination = Non-private IP addresses (negated RFC-1918 IPs) **NOTE** also used the "Internet" application service with same results
This directs all traffic destined for the internet to an inline layer called "TO_Internet Layer_V2"
On this inline layer, I have a rule (13.11) that looks for the service "traceroute" from any source to any internet destination (note: used 'any', Internet application object and the current "All_Internet" one in the screenshot).
It seems that no matter what I do, the logs for any traceroute traffic out to the internet hit the main master rule for the layer (Rule 13) and not the actual rule within the layer itself (13.11).
All other flows that route through this internet inline layer policy seem to update their hit count and record against their respective sub rule # (13.x).
Has anyone seen anything like this before? It looks like if I move the traceroute rule out of the inline layer and place it as a normal policy rule (i.e. above rule #13), it matches... but if I use it in the inline layer itself, it just will not hit the actual rule (13.11).
MGMT and GW at R81.10 Take 22.
Thanks in advance.