Hi there guys,
the mechanism how to count the active ip addresses is similar to V6, the kernel sends for every connection it tracks information to a logging daemon.
In V7, every connection information through the device is logged to a database.
Than we query the database for every source and destination ip that communicated and map them to your local ip address ranges used.
That means every IP address that has been counted, we saw actually a packet with this source or destination ip address.
Therefore the license counting works correct.
It is indeed a bit more strict than it was in V6, as up until now we also count a single TCP SYN packet that has been sent out or in, even if nobody replied.
This means that a port scan to a range of dmz ip addresses, which actually do not exist, but are allowed by the packet filter could increase the license counting with ip addresses not used.
We will change that behavior in one of the next two updates to only count ip address have been part of a two way communication.
i hope that makes things a bit clearer
regards
Gert
This thread was automatically locked due to age.
