If a “ping”-packet is dropped by FW1 Policy, you will see this packet in “fw monitor” on one inspection point only: “i”. The “i” inspection point represents the inbound traffic before any rule processing. Since the packet is dropped by FW1 Policy, it will not pass through any other inspection points, such as “l” (after rule processing), “o” (outbound before rule processing), or “O” (outbound after rule processing). References: : Check Point Software, Getting Started, fw monitor.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit