Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] drop, icmp, rule 0 from broadcast? HELP!

To: [email protected]
Subject: Re: [FW-1] drop, icmp, rule 0 from broadcast? HELP!
From: Damian Jaume <[email protected]>
Date: Wed, 26 Dec 2001 10:32:08 -0300
Importance: Normal
In-reply-to: <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

have you tried to set a rule at the begining of the rule base that drops
that kind of traffic without logging it.

Alsow check if in the policy properties in the Accept ICMP check box how do
you handle the ICMP traffic, if it is set as first, put it BEFORE LAST.

I hope this helps you.

-----Mensaje original-----
De: Mailing list for discussion of Firewall-1
[mailto:[email protected]]En nombre de Yanek
Korff
Enviado el: viernes, 21 de diciembre de 2001 15:44
Para: [email protected]
Asunto: [FW-1] drop, icmp, rule 0 from broadcast? HELP!


I have a FW in place, not yet in production, and it's CONSTANTLY loggging
these drops:

Interface: internal interface
Type: log
Action: drop
Service: hiport (>1024)
Source: 10.1.255.255
Destination: Various internal 10.1.x.x hosts
Proto: icmp
Rule: 0
S_Port: 771

And I can't get them to stop logging.  What are these, and how do I get rid
of them?  They're really filling up my FW logs.

I've tried setting the network object "LAN" (10.1.0.0/255.255.0.0) to
disallow broadcast... and allow broadcast... both to no avail.

-Yanek.

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

References:
- [FW-1] drop, icmp, rule 0 from broadcast? HELP!
  - From: Yanek Korff <[email protected]>

Prev by Date: [FW-1] Matthew Tim/CTR/CTC is out of the office.
Next by Date: [FW-1] Installation?
Previous by thread: [FW-1] drop, icmp, rule 0 from broadcast? HELP!
Next by thread: Re: [FW-1] drop, icmp, rule 0 from broadcast? HELP!
Index(es):
- Date
- Thread