Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] State Table Deterioration

To: [email protected]
Subject: [FW1] State Table Deterioration
From: Jeremy Dunn <[email protected]>
Date: Thu, 21 Sep 2000 11:25:38 +1000
Organization: CITEC
Sender: [email protected]

Hi,

Recently we had a problem with one of our firewalls. Hosts that were
allowed to connect through the firewall were not getting any response.
Looking at the logs showed that their connections were being accepted
through the firewall but all the return traffic was being dropped. After
a reinstall of the policy all connections were fine and return traffic
was being allowed through. 

I would like to infer from this that there was something wrong with the
state table. I have read about the state table filling up under heavy
loads but that would have denied the initial connections as well. The
only thing I can conclude is that the state table somehow got corrupted.
As we were trying to bring the service back up as quickly as possible I
did not get a chance to have a look at the inspection table using 'fw
tab' commands.

So my main questions are :
Am I drawing the right conclusions?
Has anyone experienced this before?
And, If what would cause the state table become corrupted?

The configuration of the firewall is : 
SunOS 5.6
FireWall-1 Version 4.0

Thanks,
Jeremy Dunn


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] Licenses/encryption problem.
Next by Date: RE: [FW1] Exchange Services dropped by rule 0
Previous by thread: [FW1] message at the policy install screen
Next by thread: RE: [FW1] NOKIA course
Index(es):
- Date
- Thread