[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Cannot Compile
In a security server, use Reject or Drop in a rule, both generate a Reject in the log, because the firewall can't drop the SMTP connection request it has to accept it, open it, and read it before it can decide if it accept or reject it based on the email address and mime types used in the email. So the real action can't be drop. For an analogy, how can you know who for sure who is calling you without answering the call (yourself or your answering machine) even if you have caller id ? You can't, you have to first answer it to hear the other person and identify it. So as soon as a packet as to pass in a security server rule, even if it is dropped in a normal rule (maybe the catch all one) iin fact it will be rejected as you can verify in the action field of your log file. Then *{*@vhost²}* mean: is anything followed by anything followed by any of: anything followed by @vhost followed by anything followed by anything While {*@vhost²} mean is any of: anything followed by @vhost followed by anything which are the same... As i missed the inital email i don't know what is the problem but i am not sure this is not the solution, sorry... Can i have the original email again ? At 10:59 2001-12-20 +0200, Chontzopoulos, Dimitris wrote: >For starters, the "Action" shouldn't be "Reject". The "Action" on resources >should always be "Drop". >IMHO the "Match Sender" should be "*{*@vhost*}*". I may be wrong though... > >-----Original Message----- >From: Suriyanto Limah [mailto:[email protected]] >Sent: Thursday, December 20, 2001 4:46 AM >To: [email protected] >Subject: Re: [FW-1] Cannot Compile > > >Hi.. > >I have created a resource : > > Name: AntiSpamming > Exception Track: None > Match Sender: {*@vhost.*} > Don't Accept Mail Larger Than 1000 KB > CVP (no server installed) > CVP None > Allowed Chars: 8-bit > >With the two following roule: > >Source Destination Service Action Install on >any SMTP smtp->SMTP-AntiSpamming Reject OurFW > > > >regards, >Suriyanto > > > > > > > > >"Roelandts, Guy" <[email protected]> on 12/19/2001 08:39:44 PM > >Please respond to Mailing list for discussion of Firewall-1 > <[email protected]> > > > > > > > > > To: [email protected] > > cc: (bcc: Suriyanto Limah/AIN/ACI) > > > > Subject: Re: [FW-1] Cannot Compile > > > > > > > > > >Hi, > > Didn't you define something, like an object, that contains smtp > in it ? I had this once and found out there a number of reserved > words that you can't use. > > Just my 2 ??? cents > >Met vriendelijke groeten - Bien ? vous - Kind regards >Guy ROELANDTS >EMEA GS Internet Expertise Centre - CCSA & CCSE >Compaq Software Engineer - Belgium >E-mail : [email protected] >Tel: +32(02)729.77.44 (options 3 - 3 - 1) >Fax: +32(02)729.77.65 >========================================================== >This message may contain confidential and/or proprietary information, >and is intended only for the person/entity to whom it was originally >addressed. The content of this message may contain private views and >opinions which do not constitute a formal disclosure or commitment >unless specifically stated. Should you receive this message by mistake >please inform the sender immediately. >========================================================== > > >* -----Original Message----- >* From: Suriyanto Limah [mailto:[email protected]] >* Sent: 19 December 2001 11:18 >* To: [email protected] >* Subject: [FW-1] Cannot Compile >* >* >* Dear All, >* >* When we do a compile on the FW-1 after changing, we found the >* following >* error : >* >* Standard.W: Security Policy Script generated into Standard.pf >* Standard: >* "C:\WINNT\FW\conf\Standard.pf", line 584: ERROR: macro >* identifier <smtp> >* redefined >* "C:\WINNT\FW\conf\Standard.pf", line 629: ERROR: cannot >* expand macro <smtp> >* "C:\WINNT\FW\conf\Standard.pf", line 692: ERROR: cannot find >* <table_target_list9> anywhere >* Compilation Failed. >* >* What's wrong with this error? >* >* Thanks in advanced for any idea. >* >* best regards, >* Suriyanto >* >* ================================================= >* To set vacation, Out Of Office, or away messages, >* send an email to [email protected] >* in the BODY of the email add: >* set fw-1-mailinglist nomail >* ================================================= >* To unsubscribe from this mailing list, >* please see the instructions at >* http://www.checkpoint.com/services/mailing.html >* ================================================= >* If you have any questions on how to change your >* subscription options, email >* [email protected] >* ================================================= >* > >================================================= >To set vacation, Out Of Office, or away messages, >send an email to [email protected] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[email protected] >================================================= > >================================================= >To set vacation, Out Of Office, or away messages, >send an email to [email protected] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[email protected] >================================================= > >================================================= >To set vacation, Out Of Office, or away messages, >send an email to [email protected] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[email protected] >================================================= > ------------------------------------------------------------ Yves Belle-Isle V.P. VE2YBI YB17 Email: [email protected] Responsable des Systemes Tel:Sogi Informatique Ltee. Fax:------------------------------------------------------------ ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|