[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Inbound, outboud and eitherbound
It's my understanding based on discussions w/ Checkpoint technical folks that the "Apply Gateway Rules to Interface Direction" is only enforced when applying your rulebase to gateways. As soon as you apply rules to a "target" the "apply rules" setting goes out the window and the rules are applied Eitherbound unconditionally. Kevin Martin [email protected] Stafford Trading Inc. Chief Security Officer Chicago, IL 60604 TEL230 S. LaSalle, Ste. 688 -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Tuesday, October 16, 2001 2:23 AM To: [email protected] Subject: Re: [FW-1] Inbound, outboud and eitherbound I might have been a bit unclear in my question. I know how inbound, eitherbound and outbound works. But what I wanted to know if the behaviour/experience I had on the firewall is correct according to the "Apply Gateway Rules to Interface Direction". I cannot imagine that it is normal for a gateway/firewall to block all traffic if I set the property to outbound. But in my case I'm not able to contact the firewall anymore. Also, I cannot see why a telnet from the gateway/firewall to a remote host should behave different depending on the property setting. When set to inbound, the telnet session hang, if set to eitherbound, the telnet session was rejected by the remote host. --- Jørn Yngve Dahl-Stamnes EDB Teamco, Trondheim [email protected] > -----Original Message----- > From: Iztok Umek [mailto:[email protected]] > Sent: 15. oktober 2001 15:31 > To: Mailing list for discussion of Firewall-1 > Cc: [email protected] > Subject: RE: [FW-1] Inbound, outboud and eitherbound > > > > > > I have a question about inbound, outbound and eitherbound property. > > Inbound - checks packet going up the TCP/IP stack > Outbound - checks packet going down the TCP/IP stack > Eitherbound - checks both directions > > This is CheckPoint definition. > =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html =============================================== =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
|