UDP traffic is dropped with "Violated unidirectional connection" log in SmartView Tracker
Symptoms
  • SmartView Tracker log shows that UDP traffic is dropped with the following message:
    Message_Info: Violated unidirectional connection

  • Kernel debug on Security Gateway shows:
    fw_log_drop: Packet proto= ... dropped by fw_one_way_enforcement Reason: conn oneway violated

  • Captured traffic shows TTL value less than 30.

  • Service "Any" is allowed in the rulebase.
Cause

By default, a reply to a UDP packet is not allowed.
The Security Gateway can mark a connection in the Connections Table to allow traffic to pass only in one direction (hence the term 'unidirectional').
If a UDP connection uses a bi-directional communication method, this would create a violation.
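
The behaviour described under Cause, as a simplified model added here (not Check Point code and not part of the original article): an entry marked one-way accepts packets in the direction that opened it and drops the reverse direction. The class names, addresses and ports are constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "udp"

    def key(self):
        return (self.src, self.sport, self.dst, self.dport, self.proto)

    def reverse_key(self):
        return (self.dst, self.dport, self.src, self.sport, self.proto)


@dataclass
class ConnTable:
    # key of the opening packet -> True if the entry is marked one-way
    entries: dict = field(default_factory=dict)
    drops: list = field(default_factory=list)

    def process(self, pkt, one_way=True):
        """Return 'accept' or 'drop'; one_way only applies to new entries."""
        if pkt.key() in self.entries:
            return "accept"  # same direction as the opening packet
        opened_by_peer = self.entries.get(pkt.reverse_key())
        if opened_by_peer is None:
            self.entries[pkt.key()] = one_way  # first packet creates the entry
            return "accept"
        if opened_by_peer:  # reverse direction on a one-way entry
            self.drops.append((pkt, "conn oneway violated"))
            return "drop"
        return "accept"


def demo():
    # Constructed sample flow using documentation address ranges.
    request = Packet("198.51.100.5", 40000, "192.0.2.10", 5000)
    reply = Packet("192.0.2.10", 5000, "198.51.100.5", 40000)
    one_way = ConnTable()
    marked = [one_way.process(p) for p in (request, request, reply)]
    two_way = ConnTable()
    unmarked = [two_way.process(request, one_way=False), two_way.process(reply)]
    return marked, unmarked, one_way.drops


if __name__ == "__main__":
    print(demo())
```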


Solution
Note: To view this solution you need to Sign In.