Support Center > Search Results > SecureKnowledge Details
All traffic is dropped with message: "dropped by fw_runfilter_ex Reason: function does not exist"
Symptoms
  • All traffic is dropped by Security Gateway/Cluster. Running kernel debug (fw ctl zdebug + drop) is showing the following drop log:
    "dropped by fw_runfilter_ex Reason: function does not exist"

  • The following entries appear in /var/log/messages:
    kernel: [fw4_0] FW-1: fw_runfilter_ex(ctxid 0): function does not exist -1

Cause

Issue occurs when installing policy on more than one gateway, where not all the gateways have the same Inspection Settings configured. In certain situations Inspection Settings create implied rules, and the implied rule mismatch that results from the different profiles causes these drops.


Solution
Note: To view this solution you need to Sign In .