Some network implementations may generate an extensive amount of IP packets that have a source IP address which will trigger the following log message :
2012-10-30 10:13:42 log_id=0038000007 type=traffic subtype=other pri=warning status=deny vd="root" src=10.75.2.29 srcname=10.75.2.29 src_port=138 dst=10.75.3.255 dstname=10.75.3.255 dst_country="Reserved" src_country="Reserved" dst_port=138 service=138/udp proto=17 app_type=N/A duration=0 rule=0 policyid=0 identidx=0 sent=0 rcvd=0 shaper_drop_sent=0 shaper_drop_rcvd=0 perip_drop=0 shaper_sent_name="N/A" shaper_rcvd_name="N/A" perip_name="N/A" vpn="N/A" vpn_type=UNKNOWN(65535) vpn_tunnel="N/A" src_int="port1" dst_int="N/A" SN=55198 app="N/A" app_cat="N/A" user="N/A" group="N/A" msg="reverse path check fail, drop" carrier_ep="N/A" profilegroup="N/A" subapp="N/A" subappcat="N/A"
This message is further described in the related KB article "Details about FortiOS RPF (Reverse Path Forwarding), also called Anti-Spoofing".
config log memory filter set extended-traffic-log disable end config log fortianalyzer filter set extended-traffic-log disable end config log disk filter set extended-traffic-log disable end |
config global config log fortianalyzer filter set extended-traffic-log disable end end config vdom edit <vdom_name> config log memory filter set extended-traffic-log disable end end td> |
Related Articles
Technical Note: Details about FortiOS RPF (Reverse Path Forwarding), also called Anti-Spoofing
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.