[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Spoof Tracking
If you are using nat, then the config gets a little more complex. You will have to make a note of which ip addresses are static inbound natted and add them to a group with the internal networks (or dmz objects depending on the dest), and classify them as specific. You will have to add a rule for STATIC outbound and put the corresponding internal interface addresses in a group and set the external as others+<groupname>. CryptoTech "Marius .R. Banica" wrote: > hi there, simple > > internal network - this net - spoof track log > dmz - build a group with ure networks and hosts there put it under > specific - spoof track log > External if - others - spoof track log. > > Thats if ure paranoid like myself.. :-) > ----- Original Message ----- > From: "Thornton, Richard" <[email protected]> > To: "Firewall-1 Mailing List (E-mail)" > <[email protected]>; "Fw1-Wizards (E-mail)" > <[email protected]> > Sent: Wednesday, December 06, 2000 4:26 PM > Subject: [FW1] Spoof Tracking > > > > > Hi All > > > > Quick Question > > > > I have a simple firewall configuration > > > > 1 firewall with 3 interfaces > > > > > > Internet > > | > > | > > Firewall--DMZ > > | > > | > > Localnet > > > > Assume the Internet IF is valid addresses "Any" > > Assume the DMZ IF is valid addresses "This Net" > > Assume the Localnet IF is valid addresses "This Net" > > > > Question which? if any? interfaces should I turn spoof tracking to log or > > alert, and why? > > > > Many Thanks in advance. > > > > Richard > > > > > > _________________________________________________________________ > > Common Services Agency Disclaimer > > > > The information contained in this message may be confidential > > or legally privileged and is intended for the addressee only. > > If you have received this message in error or there are any > > problems please notify the originator immediately. > > The unauthorised use, disclosure, copying or alteration of this > > message is strictly forbidden. > > _________________________________________________________________ > > > > > > > > > ============================================================================ > ==== > > To unsubscribe from this mailing list, please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > > ============================================================================ > ==== > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|