NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Fw: unknown established tcp packet



Hi Mike,

I'm happy that it solved the issue! The first time I ran into that I could
not believe that the duplicate objects had something to do with that, but as
soon I got it working I figured out that it was the case...

Best regards and good luck,

Aylton
----- Original Message -----
From: "MikeCC" <[email protected]>
To: <[email protected]>
Sent: Monday, July 30, 2001 10:42 PM
Subject: RE: [FW1] Fw: unknown established tcp packet


>
> Hello all,
>
> Thanks to Aylton Souza suggestion about running into this problem and
> finding duplicate entries in the objects.C file.
>
> I looked at my objects.C and nearly all of the objects had duplicate
> entries, no doubt created when I tried to migrate this CMA.  I removed the
> duplicate entries from the objects.C and now all is well.
>
> At 04:23 PM 7/26/01 -0400, Ray Lodato wrote:
> >I ran into exactly the same situation when I upgraded to SP3. Check out
>
><http://www.phoneboy.com/faq/0408.html>http://www.phoneboy.com/faq/0408.htm
l.
> >As of SP3, the default is to drop packets for connections not in the
> >connection table. Prior to SP3, it would try to match up the connection
> >with an existing rule. The FAQ has you uncomment the line "#define
> >ALLOW_NON_SYN_RULEBASE_MATCH" in fwui_head.def, and re-push the policy.
> >
> >Now, if someone could tell me why the connections are falling out of the
> >connection table so soon, that would help.
> >
> >
> >Ray Lodato
> >NEF Information Services
> >> >[email protected]
> >-----Original Message-----
> >From: Dorny [mailto:[email protected]]
> >Sent: Wednesday, July 25, 2001 8:55 PM
> >To: [email protected]
> >Subject: [FW1] Fw: unknown established tcp packet
> >
> >Once again another e-mail titled unknown established tcp packet.  I have
> >looked through the list but I was not able to find a definitive solution
for
> >this error.  Here is my problem after applying the latest check point
> >service pack (SP4) I began seeing my logs fill up with dropped packets by
> >rule 0 with the unknown TCP error.  Now I have customers telling me that
> >they cannot ssh, run restores, ect through their firewalls which upon
> >further investigation I noticed that all the packets were being dropped
by
> >rule 0.  I am also seeing lots of in-bound packet to customer web sites
> >being dropped by rule 0 with the same error.  None of this was happening
> >when I was at SP 1 or 2.  Anyone out there have a solution for this????
> >
> >--Richard Dornhart
> >
>
> MikeCC
> http://atrek.org/mikecc
>
>
>
>
============================================================================
====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>
============================================================================
====
>
>



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.