This section provides the limitations for the various system defined events.
Distributed firewall rule masked by preceding rule event limitation
This event has the following limitations:
- This event is supported only for NSX-V distributed firewall rules. Other firewall vendors are not supported.
- The following firewall rule properties are currently supported for masking computation:
- Applied To
- Service protocol and Port ranges
- Packet type
- Layer-7 application IDs
- Rules with source or destination inversion are not supported.
- Disabled rules are ignored.
- Rules with security groups containing excluded members directly or indirectly in Source/Destination or Applied To is not supported.
- The masking computation for Source, Destination, and Applied To properties are based on the static membership and IP range overlap of member IPSets. Dynamic membership of a security group are not considered for masking.