Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Re: WARNING: cannot get address of host

To: [email protected]
Subject: [FW1] Re: WARNING: cannot get address of host
From: "Karim K Ismail/Toronto/IBM" <[email protected]>
Date: Tue, 1 May 2001 15:54:20 -0400
Cc: [email protected]
Importance: Normal
Sender: [email protected]



Thanks to all that responded, I eventually figured out what the problem
was.     If you have
a client/server config (EMC + fw modules), ensure that if you have specific
policies
for specific fw modules, that your rulebase specifies the fw module in the
"install on" field
and not "Gateways". (all targets)

In my case, I was trying to push a firewall policy to a remote module  -
whilst my rulebase had the
firewall object in the "Install On" field,  the NAT rulebase specified
"Gateways".


rgds

-karim i.
Internet: [email protected]


Greetings

I am seeing this error today all out of nowhere when I try to push
the policy from my EMC onto one of my fw modules:

"/usr/lpp/FireWall-1/conf/myfirewall.pf", line 2437, WARNING: cannot
get address of host <fw module>
2437: WARNING: will not create a value table for <target_list75>
Compiled OK.

This doesn't happen when I load another policy and push onto another
fw module.

Any ideas?    I looked into the myfirewall.pf file on line 2437 and
noticed that the line "target_list" had 5 of my remote
fw module names in it, although I was only pushing the policy onto
one of these firewalls.   I deleted the *.pf file,
recreated a new one with "fw gen" - no luck.   In frustration, I
deleted the *.pf file and rulebases.fws, and did a
"fwm -g".    Everything got recreated, but when I pushed the policy,
I got the same error message.

Why is trying to get the address of a host for which I am not even
installing the rulebase on?   Why does the target_list line have *all* my
firewalls
in it?  Shouldn't it just contain the target of the fw module the policy
will be
pushed on?

Environment:
CP 4.0/SP 8
EMC/FW module environment

Any assistance would be appreciated.    Thanks.

Rgds


- -karim
Internet: [email protected]




Karim Ismail
Advisory IT Specialist
e-business Hosting Center Delivery Security - Common Infrastructure
Tel:.                  Email: [email protected]




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] Ports.conf (administration ports)
Next by Date: [FW1] disabling services in fwauthd.conf - safe?
Previous by thread: Fwd: [FW1] Ports.conf (administration ports)
Next by thread: [FW1] disabling services in fwauthd.conf - safe?
Index(es):
- Date
- Thread