
AFM Default drop counter

JBonnet
Nimbostratus

I would like to know the purpose of the default drop/reject rule under global context, i.e. what circumstance is this incremented?

Creating policies within global/virtual or self IP context does not seem to affect the counter (any accept/deny counters are all incremented within those policies).

Reset stats does not affect the counter value (example below 423 remains the same).

afm.png

Thank you in advance.

1 REPLY

Greasy_Pretzel
Legacy Employee

The manual says: If a packet does not match any rule in any context on the firewall, the Global Reject or Global Drop rule drops the packet (Global Drop) or drops the packet and sends the appropriate reject message (Global Reject) even when the system is in a default allow configuration.

If the counter for the Default rule is not incrementing but the counters are incrementing for the Virtual Server or the Self IP, that means there are more specific matches and the traffic is not hitting the default rule on the Global context. Packets dropped on the Virtual Server or the Self IP context will not have an effect on the Global counter.