I don't think you can call this a bug, since the method itself is not valid in HTTP spec, but I thought I note it just incase it comes up elsewhere.
We wrote an application to talk to our servers over HTTP using a GET method with a body (as an alternate to a POST method with a body.) When we had WAF enabled on that particular server, we noticed that the GET packets were getting dropped and not getting logged as dropped in the firewall. In fact, all of the logs showed that the traffic was accepted and passed.
It took us a while to figure this one out, but it only came up after we did a packet capture on the FortiGate and the destination server (wireshark.) Packets with the GET method were arriving to the FortiGate, but were not being received on the server. After disabling the WAF, things started working again.
As I said, I don't think you can call this a bug since the method itself is not valid, but it would have saved us weeks of trial and error if the FortiGate properly informed us that the packets were being dropped.
Thanks!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1690 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.