How can I know why CBAC drops a packet. For example, the log I recieve for a dropped packet is
.Jul 30 11:42:01: %FW-6-DROP_PKT: Dropping tcp pkt 18.104.22.168:42423 => 22.214.171.124:80
(IP addresses have been changed)
How can I know why this packet was dropped?
The partial config that resulted in the above log is as below
ip inspect log drp-pkt
ip inspect name myfw out
Since the inspection is in the outbound direction , what does the log mean, in which direction was the packet transiting when it was dropped? Does the log mean the dropped packet had a source of 126.96.36.199 or is it merely a session indicator like
packet of session 188.8.131.52=>184.108.40.206 dropped?