[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] RE: http-filtering problem
Hello, now I have more infos of the problem. The drops only occurs if in the URL is an '@' and no '/' or '\' in the string after it. But only for the first '@' there must be a '/' or '\'. Some samples: www.abc.com/abc@def and http://www.abc.com/abc@def@ gets dropped. www.abc.com/abc@def/ and http://abc.go.com/abc@def\ are accepted also www.abc.com/abc@defdg@sfgdfg/ or www.abc.com/abc@/ are accepted and also www.abc.com/abc@def/abc@def is accepted. So it seems that the http-securityserver consists of a '/' or a '\' only after the first '@'. Any ideas or maybe a solution ???? Best regards Daniel Fitzner ------------------------------------------------------------------------ ---- --------- Daniel Fitzner IT-Services T-Systems debis Systemhaus GEI GmbH / GS Berlin debis Haus am Potsdamer Platz 10875 Berlin mail: [email protected] fon: +49 30 2554-3266 fax: +49 30 2554-3187 -----Original Message----- From: Fitzner Daniel Sent: Thursday, August 23, 2001 11:28 AM To: FW1-Mailinglist (E-Mail) Subject: http-filtering problem Hello, I have a problem with http-filtering with security server form CP-FW1. I implemented a rule that blocks Code Red: Schemes: http Methodes: * Host: * Path: */*.ida* Qery: * Everything works fine until I upgraded from SP2 to SP4. Now all http-traffic that includes a @ in the URL is rejected. I still edited objects.C with the changes described in http://www.phoneboy.com/faq/0419.html, because of other problems described in this FAQ. But this is another problem. Also the logviewer doesn't shows "malformed request". Anyone has an idea ? Best regards Daniel Fitzner ------------------------------------------------------------------------ ---- --------- Daniel Fitzner IT-Services T-Systems debis Systemhaus GEI GmbH / GS Berlin debis Haus am Potsdamer Platz 10875 Berlin mail: [email protected] fon: +49 30 2554-3266 fax: +49 30 2554-3187 ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|