Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] SP3 and unknown established TCP packet

To: "'Crivianu, Iosif'" <[email protected]>, [email protected]
Subject: RE: [FW1] SP3 and unknown established TCP packet
From: "Carey, Mike (ISS Southfield)" <[email protected]>
Date: Tue, 27 Feb 2001 10:42:03 -0500
Sender: [email protected]

This line:
#define NON_SYN_RULEBASE_MATCH_LOG 
as it is, tells the firewall to log non syn packets.  To avoid logging
dropped non-syn packets, comment out this line, so it looks like this:

/* #define NON_SYN_RULEBASE_MATCH_LOG  */


Below is an excerpt from my (non-modified) fwui_head.def
/*
 * Uncomment the following line to enable TCP Non-SYN packet to go through
 * the rule-base.
 */
/*#define ALLOW_NON_SYN_RULEBASE_MATCH */

/*
 * Comment the following line to disable logging of TCP Non-SYN packets
dropped
 * because they are not alowed to go through the rule-base
 */
#define NON_SYN_RULEBASE_MATCH_LOG

Hope this helps.


-----Original Message-----
From: Crivianu, Iosif [mailto:[email protected]]
Sent: Tuesday, February 27, 2001 10:28 AM
To: Carey, Mike (ISS Southfield);
[email protected]
Subject: RE: [FW1] SP3 and unknown established TCP packet


Yes this was my first check, the line is:
#define NON_SYN_RULEBASE_MATCH_LOG

Regards

> -----Original Message-----
> From:	Carey, Mike (ISS Southfield) [SMTP:[email protected]]
> Sent:	Tuesday, February 27, 2001 10:14 AM
> To:	'Crivianu, Iosif'; [email protected]
> Subject:	RE: [FW1] SP3 and unknown established TCP packet
> 
> Check to be sure that the change is still made to the file.   Patches
> overwrite files in the /lib dir.
> 
> 
> -----Original Message-----
> From: Crivianu, Iosif [mailto:[email protected]]
> Sent: Tuesday, February 27, 2001 10:03 AM
> To: [email protected]
> Subject: [FW1] SP3 and unknown established TCP packet
> 
> 
> 
>  I know it was a problem in SP2 with this message. In SP2 I commented out
> the following line in $FWDIR/lib/fwui_head.def: 
> #define NON_SYN_RULEBASE_MATCH_LOG 
> 
> But in SP3 the line was comment and the log file is full with this
> message..!?????!
> 
> It is another configuration, in another file?
> 
> Thanks in advance
> 
> 
> 
> 
> ==========================================================================
> ==
> ====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==========================================================================
> ==
> ====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] SP3 and unknown established TCP packet
Next by Date: RE: [FW1] Move from Firewall-1 to VPN
Previous by thread: RE: [FW1] SP3 and unknown established TCP packet
Next by thread: RE: [FW1] SP3 and unknown established TCP packet
Index(es):
- Date
- Thread