Checkpoint Bug: Dynamic objects
Improper dynamic objects configuration causes antispoof action on Checkpoint firewall R77.20.
Dynamic object was used in firewall policy, but it was not configured on Gaia level.
1. Rule was not working :)
2. Other, not related traffic was blocked:
2.1. Session log was not generated
2.2. Checkpoint generated Address spoofing log with Detect action
Dynamic object feature didn't work but it also affected other traffic, but only there, where destination IP and port in packet where same as destination and service in ruleset. If we consider source as ANY then rule was matched. Generated log said "Address spoofing: detect" but traffic was in fact blocked.
Checkpoint should skip rule with dynamic object as there was obvious dynamic object misconfiguration.
Fixed in 77.30.