Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Negate Question

To: Velasquez Venegas Jaime Omar <[email protected]>
Subject: Re: [FW1] Negate Question
From: Reinhard Stich <[email protected]>
Date: Fri, 27 Apr 2001 14:04:46 +0200 (CEST)
Cc: "FW1-MailingList (E-mail)" <[email protected]>
In-reply-to: <[email protected]>
Sender: [email protected]

On Wed, 25 Apr 2001, Velasquez Venegas Jaime Omar wrote:

> 
> 
>      Source         /   Destination   / Service 
> 1.TrustedZone ->Outside -> http
> 2.Trusted Zone ->Outside -> Negate(Service1)
> 
> Is there any use on Rule 2?
> doesn;t Rule1 in itself permits http and ONLY http? so there wouldn't have
> to be Rule2?

if service1 is http then you are absolutely right!

rule 2
trusted -> outside -> any : drop

would do the same (if rule 1 is permit and rule 2 is drop)

cheers
-reinhad



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- [FW1] Negate Question
  - From: Velasquez Venegas Jaime Omar <[email protected]>

Prev by Date: Re: [FW1] MAC address filtering ?
Next by Date: RE: [FW1] AW: securemote and sms client
Previous by thread: [FW1] Negate Question
Next by thread: [FW1] Dr Watson with User Authentication
Index(es):
- Date
- Thread