Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] prob with log

To: <[email protected]>
Subject: [FW1] prob with log
From: "Robert Kuhlig" <[email protected]>
Date: Thu, 26 Jul 2001 16:07:21 +0200
Importance: Normal
Sender: [email protected]

Hi
I recorded some strange log entries, seems like source an destination port
are changed.
Have the same from various servers short after somebody is intitializing a
connection from the inside. I'm running vpn-1 and do nat(hide) from an
privat 192.168.111.0 IP range to the outside allowing ftp, http and ssh as
well as other services. I also have no trouble to connect to the servers and
the services, just the log entries are confusing.

here is some of the entries

>13:56:43 drop   firewall >eth0 proto tcp src snort dst internet_hide
service 12944 s_port SSH len 40 rule 15
>14:07:00 drop   firewall >eth0 proto tcp src XXX.net dst internet_hide
service 12970 s_port http len 1500 rule 15
or
>13:51:30 drop   firewall >eth0 proto tcp src somewherein_the.uk dst
internet_hide service 56467 s_port ftp len 40 rule 15

can somebody explain it to me ?
I appriciate your help
rob









================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] Nokia CPU speed?
Next by Date: [FW1] List echo?
Previous by thread: [FW1] CP 4.1 and Squid
Next by thread: [FW1] List echo?
Index(es):
- Date
- Thread