NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Changing config (base.def) files. WAS: ftp problems



Does anyone know the reason these Checkpoint solutions have you fwstop before making the changes?? I would like to be able to edit base.def and then fwstop;fwstart, creating the shortest down time for our users.
 
When I did it their way, I kept checking the base.def at each step and can't figure out why I needed to fwstop first.
 
Thanks for the enlightenment!
    Joe
 
    Joe
--- Begin Message ---
  • To:
  • Subject: [FW1] ftp problems
  • From: Andrew Fullagar <[email protected]>
  • Date: Wed, 13 Sep 2000 07:54:28 -0700
Title: ftp problems

as far as I know - if you use both these checkpoint solutions and apply both of them together, should fix the problem - let me know if it does


Solution: FTP to specific servers fails (10043.0.982)      
Edit the $FWDIR/lib/base.def file to allow FTP headers without "\r\n":  1. Stop FireWall-1 (fwstop) 2. Edit the /$FWDIR/lib/base.def 3. Mark out the following line:  #define FTP_ENFORCE_NL to: //#define FTP_ENFORCE_NL  4. Start FireWall-1 (fwstart) 5. Re-install the policy  Note for Solutions to other problems arising from an upgrade to FireWall-1 4.0 SP6, see FTP to some servers fails <solutionarea.asp?id=10043%2E0%2E7802303%2E2713413>       
       
 Problem Description   
FTP to specific servers fails  
       
 See the problem environment. <solutionarea.asp?togglefacts=1&id=74ef36ae-8786-11d4-bce3-080020cf9075&resource=>       
 See the cause. <solutionarea.asp?togglecause=1&id=74ef36ae-8786-11d4-bce3-080020cf9075&resource=>     
 See changes that affect this problem. <solutionarea.asp?togglechange=1&id=74ef36ae-8786-11d4-bce3-080020cf9075&resource=>     
 Comment on this Solution <_javascript_: startnow();>    
 Copyright ©1996-2000 Primus Knowledge Solutions, Inc. All Rights Reserved.  Solution Content Copyright ©2000 Check Point Software Technologies Inc. All Rights Reserved.      
Solution: FTP to some servers fails (10043.0.982)  
Edit the /$FWDIR/lib/base.def file to allow this behavior:  1. Stop the FireWall (fwstop) 2. Edit the $FWDIR/lib/base.def: Change it from:  #define FTPPORT(match) (call KFUNC_FTPPORT <0x1|(match)>)  // // Use this if you do not want the FireWall module to insist on a newline at the // end of the PORT command: // #define FTPPORT(match) (call KFUNC_FTPPORT <(match)>)  To:  //#define FTPPORT(match) (call KFUNC_FTPPORT <0x1|(match)>)  // // Use this if you do not want the FireWall module to insist on a newline at the // end of the PORT command: #define FTPPORT(match) (call KFUNC_FTPPORT <(match)>)  (The change is to comment the first line, and uncomment the last one)  3. Start the FireWall (fwstart) 4. Re-install the policy  Note- for Solutions to other problems arising from an upgrade to FireWall-1 4.0 SP6, see FTP to specific servers fails <solutionarea.asp?id=10043%2E0%2E7772541%2E2711982>  
       
 Problem Description   
FTP to some servers fails      
       
 See the problem environment. <solutionarea.asp?togglefacts=1&id=bba89c20-8786-11d4-bce3-080020cf9075&resource=>       
 See the cause. <solutionarea.asp?togglecause=1&id=bba89c20-8786-11d4-bce3-080020cf9075&resource=>     
 See changes that affect this problem. <solutionarea.asp?togglechange=1&id=bba89c20-8786-11d4-bce3-080020cf9075&resource=>     

Comment on this Solution <_javascript_: startnow();>

Copyright ©1996-2000 Primus Knowledge Solutions, Inc. All Rights Reserved.
Solution Content Copyright ©2000 Check Point Software Technologi

andrew

Internet Security Engineer (CCA,CCSA,CCSE,CCNA)
Gigabytes Inc.
Tel:
Fax:(toll free)
Cel:





--- End Message ---


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents � 2003 Network Presence, LLC. All rights reserved.