Jump to content

Dynamic group issue: gateway rule possible bug


carmik

Recommended Posts

Using an ESET VA for years now. We've got a x.y.64.0/22 private address reserved for our clients, with the gateway residing on x.y.64.1. Obviously, the range of this network is x.y.64.0 - x.y.67.255.

We've got a rule Network gateways . IP gateway ≠ (not equal) x.y.64.1 and a dynamic group based on it. Still, we see some (not all) systems in this dynamic group having ip addresses like x.y.65.z, x.y.66.z, x.y.67.z, for which we have confirmed that the gateway is x.y.64.1 and, hence, should not appear in this dynamic group.

We presume that the rule actually somehow involves an assumption for a /24 mask (which is not the case here) which explains why there are no systems having addresses like x.y.64.z.

We reported the issue to the local ESET distributor, insisting to file this as a bug, but only mitigations have been provided (ie specify subnets, instead of the gateway address). This is a very low priority issue for us, so we have not taken any mitigating actions, but we'd appreciate if you investigated this issue and, possibly, fixed it in a future version.

 

Edited by carmik
Link to comment
Share on other sites

  • carmik changed the title to Dynamic group issue: gateway rule possible bug
  • 1 month later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...