Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] WWW Timeout

To: [email protected]
Subject: Re: [FW1] WWW Timeout
From: Ed Rolison <[email protected]>
Date: Fri, 9 Mar 2001 09:15:47 +0000 (GMT)
Reply-to: Ed Rolison <[email protected]>
Sender: [email protected]


>Hello.  I am fairly new to Firewall-1 and I would like to know if I can set
>up a rule that would drop a users WWW connection if IDLE for more that a
>specified amount of time.  If Firewall-1 cannot provide that function is
>anyone using a product such as this?
> 
>Additionally, does Checkpoint make a product that can monitor e-mail
>messages?  For example, I would like a report of number of e-mails sent and
>to which sites monthly.

This is actually how a stateful firewall works.
Checkpoint maintains a connection table of everything incoming and outgoing that 
it has 'seen'. If it sees a 'close' of connection then it'll expire the 
connection from the table. It will also time out a connection after a period of 
time (default is 3600 seconds IIRC). It then gets removed from the state table, 
and any further packets from this connection will be dropped.

The firewall logs will allow you to check for email numbers and destinations - 
just check for outbound port 25 connections.

Or have a look at your mail logs.

--
Ed Rolison
Systems Admin
ER706-RIPE
[email protected]



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] Have anyone ever used fireproof from radware for load balance CPFW?
Next by Date: [FW1] HA licenses. Confused
Previous by thread: [FW1] WWW Timeout
Next by thread: AW: [FW1] Mails stucked in Firewall Spool Directory
Index(es):
- Date
- Thread