Re: ANTI SPOOFING enabled ? FORTIGATE
2021/01/09 04:04:37
(permalink)
Stateful firewall have to maintain a table of active sessions - "state" refers to the state of a session, being opened, used, closed. If you show the current session table with the commands supplied by @emnoc, you do in fact prove that this firewall is stateful.
Proving that RPF is in place is more difficult. You can show that the FGT has a command to disable this feature, so indirectly show that the feature exists. Other than that, you can only demonstrate it by injecting traffic from an unknown IP source, which will be dropped silently by RPF.
Then again, it's all in the data sheet. I have no idea how I could *prove* that the engine in my car has 6 cylinders but it's in the description of the model (and no, no ignition cables to count as it's a Diesel engine).
Ede
" Kernel panic: Aiee, killing interrupt handler!"