Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Problems with domain-tcp

To: [email protected]
Subject: Re: [FW-1] Problems with domain-tcp
From: "Reed Mohn, Anders" <[email protected]>
Date: Thu, 18 Oct 2001 11:12:33 +0200
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

> If I change the checkbox that I mentioned above to "true" all
> domain-tcp packets from everywhere go trough the FW1-box.

This doesn't sound right..  you have a choice of enabling this
"First", "Last", or "Before Last", don't you?
If you enable it "First", the rule that allows domain-tcp will
be the first in yourt rule base.

Set to "last" instead. This will put the enable-rule in behind
you cleanup rule.
The cleanup rule will then stop anything that you haven't explicitly allowed
yourself.


Cheers,
Anders :)

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

Prev by Date: [FW-1]
Next by Date: Re: [FW-1] Anti-Virus - Replacement for NAV for Firewalls
Previous by thread: [FW-1] Problems with domain-tcp
Next by thread: Re: [FW-1] Problems with domain-tcp
Index(es):
- Date
- Thread