[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] spoof alert
Hi Richard, this is mostly a problem of defining the anti-spoofing groups in the firewall object. See the FW Administration Guide page 473 (and around) about NAT and anti-spoofing: this described very well the way FW checks anti-spoofing before or after the translation have been done... In your case, I suppose you just forget to add the translated (external) addresses to the anti-spoofing group on the internal FW interface (in case of Static Destination Mode). Just RTFM ;-) Best regards, Olivier Merlin >hi group >i have recently installed a firewall and am receiving alerts from my >firewall interfaces as follows: >spoofalert nbdatagram rule 0 > nbname > sunrpc >there are linux and win2000 machines on both sides of the firewall and if i >disable spoof tracking in the interface properties the alerts stop but i >imagine this is not the ideal thing to do, what is the recommended way to >stop the alerts while keeping correct spoof tracking operation? >many thanks >richard thornton >edinburgh, scotland ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|