I’d like to confirm that there was a deliberate change in “ARP anti-spoofing” feature. I have this option enabled and after updating CIS to 6.2 firewall log started to show blocked arp entries (gratuitous requests).
I’m not sure if it is now a normal behaviour or a possible bug, so here’s the question (i mean - if previously such packed were just not logged (dropped silently)).