Policies security rules - filtering issue

Reply
Highlighted
L2 Linker

Policies security rules - filtering issue

Hi,

Do you know is there any documentation regarding policies security rules filtering?

I have found some strange behavior for filtering. Examples below on the screenshots are from Palo Alto testing firewall (sv 5.0.6). As it can be seen, if I use filter (source-user eq ‘any’) not all relevant results are returned which is obviously wrong.

test_sve.pngtestin_finance_ok.pngtest_nijeok.png

Also, I have noticed inconsistency in applying complex filters, i.e. with logical operators. One of the issues was incorrect parsing of the following filter: (A and (B or C)) should give the same result set as ((A and B) or (A and C)). However, this is not the case. This was noticed also on 4.1.x versions.

Do you have similar experience and/or do you know where can I find detailed documentation regarding filtering (I cannot find it, am I missing something)?

Thank you in advance.

Best regards,

Vesna

L4 Transporter

Re: Policies security rules - filtering issue

Vesna,

     You aren't missing anything. Please open a case so that we can address this with the developers. Thank you for bringing this to our attention!

Craig

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!