Support Center > Search Results > SecureKnowledge Details
UDP traffic is dropped with "Violated unidirectional connection" log in SmartView Tracker Technical Level
  • SmartView Tracker log shows that UDP traffic is dropped with the following message:
    Message_Info: Violated unidirectional connection

  • Kernel debug on Security Gateway shows:
    fw_log_drop: Packet proto= ... dropped by fw_one_way_enforcement Reason: conn oneway violated

  • Captured traffic shows TTL value less than 30.

  • Service "Any" is allowed in the rulebase.

By default, a reply to a UDP packet is not allowed.
The Security Gateway can mark a connection in the Connections Table to allow traffic to pass only in one direction (hence the term 'unidirectional').
If a UDP connection uses a bi-directional communication method, this would create a violation.

Note: To view this solution you need to Sign In .