[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] "bad file number" after installing sp4
I've solved (ok.. worked around...) this
and as the support for checkpoint is that crap I'd like to share the info with
interested people.
No,
the etc/fwboot/ifdev file was 100% ok.
I used
one of these hardening scripts, in my case yassp, before installing fw-1. After
this I there's no trouble with the original installation of fw-1, but SP4
fails. It gives no error message or any kind of helpful information. FW-1 simply
do not start. I did not take sufficient time to investigate exactly how but it's
at least in the pre- and/or postpatch script.
For
example I found out that the correct startup file were not copied to /etc/rc2.d
and the installation did not process all of the postpatch script - it left some
temporary files in /etc/init.d.
Solution: Don't use any hardening scripts on fw-1
boxes, do it by hand.
Alternative solution: Install another firewall-product.
One that comes with install and support documentation/help for service
packs.
BR
/J
You said that you verified the /etc/fw.boot/ifdev file, but does it really contain everything that was in it before the service pack install? Any additions that were done after installing the firewall software, such as new interfaces for StoneBeat FullCluster or other products, tend to get wiped out when patches are installed. A default FireWall-1 file is put in place. I'm the one that actual sent the /etc/fw.boot/ifdev file info to the phoneboy site, but for some reason he didn't seem to include the reason to check for this file and what to actually look for. good luck to ya Ron "Johan Henell (TIM)" wrote:
|