hi,
It looks (to me) like the “skip advanced security checks” doesn’t work entirely. Here’s why:
-
I have “block fragmented IP datagrams” on (in security/advanced/attack&detection/misc)
-
under security/application monitor, I have a couple of programs with the “skip advanced security checks” (edit/misc)
However, when I check the activiry logs, it keeps showing that Fragmented IPs have been blocked, and specifically for the programs I have checked “skip”, because I want those programs to be allowed fragmented packets.
Unless I misunderstand “skip advanced security checks”, the programs with this option on should skip the whole security/advanced checks, which include whether or not the packets are fragmented, right?
If I misunderstood, please tell me how to have “Block fragmented IP datagrams” on but bypass/allow it for a few specific programs.
Thank you in advance,
C.
PS: I’ve actually check the help file and tried to find the answer in the forum, but I did not find it.