RE: [FW1] Time out for TCP handshake
> -----Original Message-----
> From: Amin Tora [SMTP:[email protected]]
> Sent: Saturday, July 28, 2001 7:53 AM
> To: [email protected]
> Cc: 'Holland, Stephen'
> Subject: RE: [FW1] Time out for TCP handshake
>
> >Without using SynDefender what is the default time Checkpoint 4.1 will allow
> >for the entire TCP handshake to take place before the firewall will close the
> >connection. Also what will be logged if the connection is dropped by
> >the firewall if the handshake is not finished?
>
> Stephen:
>
> During the initial TCP handshake (i.e. SYN, SYN/ACK, ACK) FireWall sets the
> timeout value for the connection in the state table to 60 seconds.
>
> You can edit this by editing a file $FWDIR/conf/objects.C with the following
> entry:
>
> :tcpstarttimeout (60)
>
> After the handshake is completed, the timeout is set to 3600 seconds if you
> haven't changed your default Policy->Properties: TCP timeout value...
>
> ...not sure what will be logged if the handshake is not completed or even IF
> anything will be logged at all...

[J. Hartmann] When the timer of 60s goes down and after that the first ACK packet is sent your log will show: "Unknow established TCP packet."

> .peace.
>
> Amin Tora,CISSP
> ePlus Technology Inc.
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
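The timeout behaviour discussed in this thread, as an added example that is not part of the original messages and is not Check Point code: a simplified Python model of a state table with a 60-second handshake timer and a 3600-second established timer. Assumptions: the handshake timer runs from the first SYN and is not refreshed by the SYN/ACK; the class, function and constant names, the sample addresses, and the log wording are hypothetical.

```python
# Added example: simplified model of a stateful firewall's TCP state table.
# Not Check Point code; names and log wording are hypothetical.
TCP_START_TIMEOUT = 60   # seconds for SYN, SYN/ACK, ACK (tcpstarttimeout in the thread)
TCP_TIMEOUT = 3600       # idle seconds once established (default in the thread)
LOG_MSG = "unknown established TCP packet"  # assumed wording

class StateTable:
    def __init__(self):
        self.conns = {}  # conn id -> {"state": str, "expires": int}
        self.log = []    # (time, conn id, message)

    def packet(self, now, conn_id, flags):
        """Process one packet at time `now` (seconds); return 'accept' or 'drop'."""
        # Purge entries whose timer has run out before looking anything up.
        for cid in [c for c, e in self.conns.items() if e["expires"] <= now]:
            del self.conns[cid]
        if flags == "SYN":
            # Assumption: the rule base allows this connection.
            self.conns[conn_id] = {"state": "SYN", "expires": now + TCP_START_TIMEOUT}
            return "accept"
        entry = self.conns.get(conn_id)
        if entry is None:
            # Non-SYN packet with no matching entry: drop and log.
            self.log.append((now, conn_id, LOG_MSG))
            return "drop"
        if entry["state"] == "SYN" and flags == "SYN/ACK":
            entry["state"] = "SYN/ACK"   # assumption: timer is not refreshed here
        elif entry["state"] == "SYN/ACK" and flags == "ACK":
            entry["state"] = "ESTABLISHED"
        if entry["state"] == "ESTABLISHED":
            entry["expires"] = now + TCP_TIMEOUT  # idle timer restarts per packet
        return "accept"

def replay(events):
    """Feed (time, flags) pairs for one constructed connection; return verdicts and log."""
    table, conn = StateTable(), ("10.0.0.5", 40000, "192.0.2.10", 80)
    verdicts = [table.packet(t, conn, flags) for t, flags in events]
    return verdicts, table.log

if __name__ == "__main__":
    print(replay([(0, "SYN"), (1, "SYN/ACK"), (2, "ACK"), (3000, "ACK")]))
    print(replay([(0, "SYN"), (1, "SYN/ACK"), (61, "ACK")]))  # handshake too slow
```

When reading real logs, a drop of this kind shortly after a slow handshake points at the start timeout rather than at a rule-base denial.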