Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP AFM
Fixed In:
11.5.0
Opened: Apr 14, 2014 Severity: 4-Minor
The outcome for a packet that does not match any rule on any context on the firewall is a global Drop rule.
Packet is dropped.
Packet that does not match any rule configured for a firewall.
None.
In previous releases, the outcome for a packet that did not match any rule on any context on the firewall was a global Drop rule. Now, such a packet, that does not match any rule on any context is Rejected. The operative difference is that the Drop rule is silent, while the Reject rule sends an appropriate reject response, for example RST for the TCP protocol.