Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] State Table

To: "'Amin Tora'" <[email protected]>, "'[email protected] '" <[email protected]>
Subject: RE: [FW1] State Table
From: Chris Arnold <[email protected]>
Date: Tue, 22 May 2001 11:32:37 -0400
Sender: [email protected]

"fwstop" is quite different from "fw unload localhost."  The first
terminates fwd, fwm, fwalert and any other associated FW-1 processes
(security servers) and removes the kernel module.  It's just a script so you
can read through it.  The latter simply unloads the current applied policy
from the localhost and leaves fwd running with no policy.

Chris

-----Original Message-----
From: Amin Tora [mailto:[email protected]]
Sent: Monday, May 21, 2001 12:21 AM
To: '[email protected] '
Subject: RE: [FW1] State Table




The state tables are CLEARED if you stop the firewall or unload your
policies.

You can prove this...

On a test firewall module:

run $FWDIR/bin/fw tab -t connections -u    {displays contents of state
table}
run $FWDIR/bin/fwstop OR $FWDIR/bin/fw unload localhost
run $FWDIR/bin/fw tab -t connections -u


Amin Tora, CISSP
ePlus Technology
http://www.eplus.com
NASDAQ: PLUS


>-----Original Message-----
>From: Chris Arnold [mailto:[email protected]]
>Sent: Saturday, May 19, 2001 8:46 AM
>To: 'Juppunov, George '; '[email protected] '
>Subject: RE: [FW1] State Table
>
>Not true.  Think about it...if you shutdown the FW service, the state
tables
>are gone.  Why would the underlying OS hold some data structure in memory
>just in case the service that created it decides to respawn?  
>
>Chris
>
>>-----Original Message-----
>>From: Juppunov, George
>>To: [email protected]
>>Sent: 5/17/01 6:47 PM
>>Subject: RE: [FW1] State Table
>>
>>Your connections will be "suspended", and dropped after the timeout
>>expires. 
>>In other words you can stop and start your firewall in the middle of the
>>day without
>>impacting production.
>> 
>>George


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] Quick reference command list?
Next by Date: [FW1] securing Win2k
Previous by thread: [FW1] Application-Aware SQL Proxy [slightly OT]
Next by thread: RE: [FW1] State Table
Index(es):
- Date
- Thread