Spoof Detected List

The Spoof Detected List displays devices that failed to pass the ingress anti-spoof cache check. Entries on this list can be added as a static anti-spoof entry. To do this, click on the Add icon for the desired device. An alert message window opens, asking if you wish to add this static entry. Click OK to proceed, or Cancel to return to the Spoof Detected List.

Entries can be flushed from the list by clicking the Flush button. The name of each device can also be resolved using NetBios, by clicking the Resolve button.

You can identify a specific device(s) by using the table “Filter” function.

To identify a device, you must fill in the available field, specifying either the device’s IP address, iface, MAC address, or name. The field must be filled using the appropriate syntax for operators:

 

Operator syntax options

Operator

Syntax options

Value with a type

Ip=1.1.1.1 or ip=1.1.1.0/24

Mac=00:01:02:03:04:05

Iface=x1

String

X1

00:01

Tst-mc

1.1.

AND

Ip=1.1.1.1;iface=x1

Ip=1.1.1.0/24;iface=x1;just-string

OR

Ip=1.1.1.1,2.2.2.2,3.3.3.0/24

Iface=x1,x2,x3

Negative

!ip=1.1.1.1;!just-string

!iface=x1,x2

Mixed

Ip=1.1.1.1,2.2.2.2;mac=00:01:02:03:04:05; just-string;!iface=x1,x2