Drop Code: 70(Invalid TCP Flag(#1))
Description
When the URG flag is set on a TCP stream, the firewall will drop packets with Drop Code: 70(Invalid TCP Flag(#1)), Module Id: 25. This is set by default as a security measure to prevent attacks like TCP X-mas, DOS, DDOS, etc.)-kA1VN0000000LR70AM-0EMVN00000EoR59.png)
Cause
The firewall will drop the TCP packets with URG flags by default to prevent any forms of attacks similar to DOS, DDOS, TCP-Xmas, etc.
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
- Navigate to Policy | Rules and Policies | Access Rules
)-kA1VN0000000LR70AM-0EMVN00000EoR57.png)
- Select the access rule in question which will define the traffic flow and click on the edit
- Navigate to Optional Settings | Allow TCP URG packets
)-kA1VN0000000LR70AM-0EMVN00000EoR5B.png)
- Enable the check box and save the settings.
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
- Navigate to Manage | Rules | Access Rules
)-kA1VN0000000LR70AM-0EMVN00000EoR55.png)
- Select the access rule in question which will define the traffic flow and click on the edit
- Navigate to Advanced | Allow TCP URG packets
)-kA1VN0000000LR70AM-0EMVN00000EoR58.png)
- Enable the check box and save the settings
