[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] [FW-1] Log/Report question, FW-1 3.0b
Our firewall filters traffic for a class B and a class C network, a total of 65,792 (2^16 + 256) addresses. It's been noted that when we run reports such as fwlogsum and others that are home-grown, the number of targeted addresses within our LAN is never reported above approximately 57,600, which is exactly 8,192 (2^13) less than the total. The class B network uses a 20-bit subnet mask, which divides it into 16 subnets of 4,096 addresses each, the lowest and highest not in use. I can see the relationship between the various numbers, but I don't understand the discrepancy in reporting. Given this info, can anyone tell me why there should be such a discrepancy between the number of addresses and those attacked, when I can see from the logs that it appears neither the low nor high subnet is excluded from attack? Thanks... Chuck Sterling System / Network Administrator NASA White Sands Test Facility Las Cruces, New Mexico, USAMagic is REAL, unless declared INTEGER ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|