Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1-MAILINGLIST] User Defined Service Properties on FW-1 4.0

To: [email protected]
Subject: [FW-1-MAILINGLIST] User Defined Service Properties on FW-1 4.0
From: [email protected]
Date: Fri, 5 Oct 2001 09:09:24 -0700
Comments: To: [email protected]
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

I have created a user defined service with MATCH field : udp, uh_dport = any,
uh_sport = 500, and use this service in one of the rule to allow our VPN
server to talk back to a client at a random port from the source udp port 500
The system accepts it and I can verify and install the database and rules ok.
However, the log shows the traffic is not captured by that rule and is
ultimately dropped by the last rule.

I've tried something like udp, uh_dport < 1024, uh_sport = 500 and that works.
I've tried also using * instead of "any" but the system does not take it. Any
idea how I should be able to do that to allow any random udp destination ports
?

TIA,
Bernard


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW-1-MAILINGLIST] [FW1] (Still having) NAT Problem (and anti-spoofing is ok)
Next by Date: Re: [FW-1-MAILINGLIST] [FW1] Collins Brothers Jeeps and Jeep Parts
Previous by thread: [FW1] SR over Satellite?
Next by thread: [FW-1-MAILINGLIST]
Index(es):
- Date
- Thread