Re: [FW1] How does FW-1 count internal hosts?
On Tue, 2 Jan 2001 [email protected] wrote:

>
> Hi,
>
> I've successfully installed FW-1 on Debian Linux 2.2, we have
> a 25 IP license and it happens a strange fact. The Linux box has
> 2 Ethernet, eth0 and eth1, and FW-1 is correctly configured to
> know that eth1 is the "external interface".
>
> After a period of activity FW-1 logs the following message to dmesg:
>
> FW-1: too many internal hosts (28) detected (... list of IP suppressed...)
>

Same here. RedHat 6.2, 2.2.17 kernel, FW1 4.1 SP2.

> The strange thing is that in the list of IP there are some IPs that are
> not part of the internal LAN. On the internal LAN we have only 10.x.x.x
> addresses, but in the list there are also IP that cannot be seen as
> internal because there are no PC or server with such addresses!
>
> Who knows which is the method of IP counting of FW-1?

Per IP address. Should listen only on internal interface but IMHO there is a bug, e.g. in output of 'fw lichosts' we can see a lot of external IPs from external iface.

> And what happens exactly when this limit is reached?

Admin gets an email:

--------<snip>-------
You can avoid those repeated messages by removing the file:
$FWDIR/database/fwd.h, then restarting VPN-1 & FireWall-1 and
making sure you do not violate the License Agreement again.
--------<snip>-------

We've done exactly that and then we got "Failed to Load Security Policy: No Valid FM License" error. After reboot it counts ok, but fills up its internal-hosts-database with previously seen/logged external IP addresses and then complains about the number of internal hosts again.

petr