
RE: [FW1] Fw: unknown established tcp packet



I ran into exactly the same situation when I upgraded to SP3. Check out http://www.phoneboy.com/faq/0408.html. As of SP3, the default is to drop packets for connections not in the connection table. Prior to SP3, it would try to match up the connection with an existing rule. The FAQ has you uncomment the line "#define ALLOW_NON_SYN_RULEBASE_MATCH" in fwui_head.def, and re-push the policy.
 
Now, if someone could tell me why the connections are falling out of the connection table so soon, that would help.
 

Ray Lodato
NEF Information Services

[email protected]

-----Original Message-----
From: Dorny [mailto:[email protected]]
Sent: Wednesday, July 25, 2001 8:55 PM
To: [email protected]
Subject: [FW1] Fw: unknown established tcp packet

Once again, another e-mail titled unknown established tcp packet.  I have
looked through the list but I was not able to find a definitive solution for
this error.  Here is my problem: after applying the latest Check Point
service pack (SP4), I began seeing my logs fill up with dropped packets by
rule 0 with the unknown TCP error.  Now I have customers telling me that
they cannot ssh, run restores, etc. through their firewalls, which upon
further investigation I noticed that all the packets were being dropped by
rule 0.  I am also seeing lots of inbound packets to customer web sites
being dropped by rule 0 with the same error.  None of this was happening
when I was at SP 1 or 2.  Anyone out there have a solution for this????

--Richard Dornhart
 


 
   All contents © 2004 Network Presence, LLC. All rights reserved.