CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.



Thread: HELP - dropped by fw_runfilter_ex Reason: F_INDOM

  1. #1
    Join Date
    2017-11-01
    Posts
    21
    Rep Power
    0

    HELP - dropped by fw_runfilter_ex Reason: F_INDOM

    Hi all,

    We are currently investigating issues in our network that happen at set times during the day, and month.

    We experience lockouts on our Check Point, where traffic hits in the inbound interface and does not leave the outbound interface. Nothing shows in SmartLog; however, running
    fw ctl zdebug + drop shows:

    dropped by fw_runfilter_ex Reason: F_INDOM

    I have had a quick search online and it pins it to DNS issues - but it is quite vague.

    Can anyone shed any light on exactly what this drop entry is? What causes it and any previous experience of this?

    Thanks in advance

  2. #2
    Join Date
    2006-03-08
    Location
    Lausanne
    Posts
    1,025
    Rep Power
    13

    Re: HELP - dropped by fw_runfilter_ex Reason: F_INDOM

    Known issue. Look into sk110687
    -------------

    Valeri Loukine
    CCMA, CCSM, CCSI
    http://checkpoint-master-architect.blogspot.com/

  3. #3
    Join Date
    2009-04-30
    Location
    Colorado, USA
    Posts
    2,103
    Rep Power
    12

    Re: HELP - dropped by fw_runfilter_ex Reason: F_INDOM

    Quote: Originally Posted by JPYDX
    Hi all,

    We are currently investigating issues in our network that happen at set times during the day, and month.

    We experience lockouts on our Check Point, where traffic hits in the inbound interface and does not leave the outbound interface. Nothing shows in SmartLog; however, running
    fw ctl zdebug + drop shows:

    dropped by fw_runfilter_ex Reason: F_INDOM

    I have had a quick search online and it pins it to DNS issues - but it is quite vague.

    Can anyone shed any light on exactly what this drop entry is? What causes it and any previous experience of this?

    Thanks in advance

    Don't use domain objects. Their implementation has been improved somewhat in R80.10, but I've been burned enough times over the years to just avoid them as a matter of course.
    --
    Second Edition of my "Max Power" Firewall Book
    Now Available at http://www.maxpowerfirewalls.com
