Are you a member of CheckMates?
×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
In case someone else was using SK How to enable stripping of X-Forward-For (XFF) field
I know that it worked perfectly OK in R70.30 and we never bothered checking it after upgrades to R80.10, just assumed it worked. Today just by pure chance I stumbled across the fact that our internal IPs are being sent out in XFF header that were supposed to be stripped out.
One thing that I noticed with R80.10 is that kernel parameter ws_remove_proxy_connection_header doesn't seem to work anymore
Anyone else could verify this?
SR submitted
That's why I added the screenshot - it does not recognise the parameter 
we were able to set/get it in R77.30
Yep, as mentioned in original post - case lodged and all logs provided. 
Time for weekend. Hopefully it's fixed when I return on Monday morning
Hard to admit but it was proper Homer situation.. Forgot that we ad turned off AntiBot blade few months ago and you need one of medium path blades to be active for XFF removal to work
