Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] unknown established TCP packet

To: "Partridge, Steve" <[email protected]>
Subject: Re: [FW1] unknown established TCP packet
From: [email protected]
Date: Mon, 29 Jan 2001 21:41:59 -0600
Cc: "'[email protected]'" <[email protected]>
Sender: [email protected]



Steve:

     The problem that I think that you are having is trying to edit the file
with Notepad. Notepad, I believe appends CR/LF to the ends of the lines in the
file that you are trying to edit and CheckPoint does not like it. Try using
something like edit.exe and see if that doesn't fix your problem.

     You did make a backup copy of the fwui_head.def file before you started
making changes to it right?

     Also, which fwui_head.def file are you trying to modify. If you have a
set-up in which you have a machine running the FW module and a different machine
that is the Mgmt. server, you should be making the changes on the Mgmt. server
and then once changes have been saved, re-push the policies up to the FW.

     Hope that this helps.







"Partridge, Steve" <[email protected]> on 01/29/2001 05:11:43 PM
                                                              
                                                              
                                                              
  To:          "'[email protected]'"   
               <[email protected]>     
                                                              
  cc:          (bcc: James E Clukey/Rush/RSH)                 
                                                              
                                                              
                                                              
  Subject      [FW1] unknown established TCP packet           
  :                                                           
                                                              







Hi all,

I am trying to stop logging 'rule 0 unknown established TCP packet' as per
PhoneBoy's recommendations http://www.phoneboy.com/fw1/faq/0408.html
<http://www.phoneboy.com/fw1/faq/0408.html>  .
I can not get it to work.  I am not trying to revert to the old behavior. I
am only trying to stop logging this. I tried commenting out the line in the
file $FWDIR/lib/fwui_head.def .  I tried both of the following combinations
to comment the line (one with a space after the // and one without a space).

// #define NON_SYN_RULEBASE_MATCH_LOG
//#define NON_SYN_RULEBASE_MATCH_LOG


I did a fwstop before modifying the file with notepad than restarted
firewall with fwstart.

NT 4.0 sp4
FW-1 v4.1 sp2

Has anyone had any luck stopping this logging 'rule 0 unknown established
TCP packet' ?
Any suggestions on what I may be doing wrong?


Thanks
Steve




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================





================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] SQL 2000
Next by Date: Re: [FW1] Nokia IP650 - HA vs VRRP
Previous by thread: RE: [FW1] unknown established TCP packet
Next by thread: RE: [FW1] unknown established TCP packet
Index(es):
- Date
- Thread