[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Fw: unknown established tcp packet
Hi Mike, I'm happy that it solved the issue! The first time I ran into that I could not believe that the duplicate objects had something to do with that, but as soon I got it working I figured out that it was the case... Best regards and good luck, Aylton ----- Original Message ----- From: "MikeCC" <[email protected]> To: <[email protected]> Sent: Monday, July 30, 2001 10:42 PM Subject: RE: [FW1] Fw: unknown established tcp packet > > Hello all, > > Thanks to Aylton Souza suggestion about running into this problem and > finding duplicate entries in the objects.C file. > > I looked at my objects.C and nearly all of the objects had duplicate > entries, no doubt created when I tried to migrate this CMA. I removed the > duplicate entries from the objects.C and now all is well. > > At 04:23 PM 7/26/01 -0400, Ray Lodato wrote: > >I ran into exactly the same situation when I upgraded to SP3. Check out > ><http://www.phoneboy.com/faq/0408.html>http://www.phoneboy.com/faq/0408.htm l. > >As of SP3, the default is to drop packets for connections not in the > >connection table. Prior to SP3, it would try to match up the connection > >with an existing rule. The FAQ has you uncomment the line "#define > >ALLOW_NON_SYN_RULEBASE_MATCH" in fwui_head.def, and re-push the policy. > > > >Now, if someone could tell me why the connections are falling out of the > >connection table so soon, that would help. > > > > > >Ray Lodato > >NEF Information Services > >> >[email protected] > >-----Original Message----- > >From: Dorny [mailto:[email protected]] > >Sent: Wednesday, July 25, 2001 8:55 PM > >To: [email protected] > >Subject: [FW1] Fw: unknown established tcp packet > > > >Once again another e-mail titled unknown established tcp packet. I have > >looked through the list but I was not able to find a definitive solution for > >this error. Here is my problem after applying the latest check point > >service pack (SP4) I began seeing my logs fill up with dropped packets by > >rule 0 with the unknown TCP error. Now I have customers telling me that > >they cannot ssh, run restores, ect through their firewalls which upon > >further investigation I noticed that all the packets were being dropped by > >rule 0. I am also seeing lots of in-bound packet to customer web sites > >being dropped by rule 0 with the same error. None of this was happening > >when I was at SP 1 or 2. Anyone out there have a solution for this???? > > > >--Richard Dornhart > > > > MikeCC > http://atrek.org/mikecc > > > > ============================================================================ ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ ==== > > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|