Geosoft
New Contributor

[Bug?] Web Application Filtering not logging dropped packets

I don't think you can call this a bug, since the method itself is not valid in the HTTP spec, but I thought I'd note it just in case it comes up elsewhere.

We wrote an application to talk to our servers over HTTP using a GET method with a body (as an alternate to a POST method with a body). When we had WAF enabled on that particular server, we noticed that the GET packets were getting dropped and not getting logged as dropped in the firewall. In fact, all of the logs showed that the traffic was accepted and passed.

It took us a while to figure this one out, but it only came up after we did a packet capture on the FortiGate and the destination server (Wireshark). Packets with the GET method were arriving at the FortiGate, but were not being received on the server. After disabling the WAF, things started working again.

As I said, I don't think you can call this a bug since the method itself is not valid, but it would have saved us weeks of trial and error if the FortiGate properly informed us that the packets were being dropped.

Thanks!
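
For anyone troubleshooting the same symptom from a capture, the following is an added example (not part of the original post and not Fortinet code) that parses a raw HTTP/1.x request and reports why a GET or HEAD would be treated as carrying a body. The function names, the `app.example` host, the sample requests and the set of "bodyless" methods are assumptions made for illustration, not a description of the FortiGate WAF's logic.

```python
# Added example; the requests below are constructed, not taken from a real capture.
BODYLESS_METHODS = {"GET", "HEAD"}  # assumption: methods an inspector expects without a body

GET_WITH_BODY = (b"GET /api/search HTTP/1.1\r\nHost: app.example\r\n"
                 b"Content-Type: application/json\r\nContent-Length: 15\r\n\r\n"
                 b'{"q": "status"}')
PLAIN_GET = b"GET /api/search?q=status HTTP/1.1\r\nHost: app.example\r\n\r\n"
POST_WITH_BODY = GET_WITH_BODY.replace(b"GET ", b"POST ", 1)

def parse_request(raw: bytes):
    """Split a raw HTTP/1.x request into (method, headers, body)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete request head")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError("malformed request line")
    headers = {}  # lowercase name -> list of values (duplicates kept)
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon:
            raise ValueError(f"malformed header line: {line!r}")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return parts[0].upper(), headers, body

def body_indicators(raw: bytes):
    """Return the reasons a GET/HEAD request would be seen as carrying a body."""
    method, headers, body = parse_request(raw)
    if method not in BODYLESS_METHODS:
        return []
    reasons = []
    for value in headers.get("content-length", []):
        if not value.isdigit():
            reasons.append(f"non-numeric Content-Length {value!r}")
        elif int(value) > 0:
            reasons.append(f"Content-Length: {value}")
    if "transfer-encoding" in headers:
        reasons.append("Transfer-Encoding: " + ", ".join(headers["transfer-encoding"]))
    if body and not reasons:
        reasons.append(f"{len(body)} body bytes with no framing header")
    return reasons

if __name__ == "__main__":
    for label, raw in [("GET+body", GET_WITH_BODY), ("GET", PLAIN_GET), ("POST", POST_WITH_BODY)]:
        print(label, body_indicators(raw) or "no body on a bodyless method")
```

Running it against request bytes exported from a client-side capture shows whether the application is emitting body-carrying GETs before any middlebox is involved.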
