NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Anti-spoofing and sendmail



I'm sure because the info field says "reason: local interface address spoofing"


[...]

Why are you sure it's antispoofing related. Rule 0 is FOR ALL IMPLIED RULES
not just antispoofing. Did you check the Info. field of the log to be sure
it's caused by the antispoofing ?

The most commun cause of rule 0 reject on my FW-1 is
reason: unknown established TCP packet

the second is:
message SYNDefender warning: SYN -> SYN-ACK -> RST or timeout


At 11:04 2002-01-16, Michael Glenn wrote:
>Hello all,
>
>Some quick questions on anti-spoofing and sendmail.
>
>We were using and IDS script to send e-mail alerts from our firewall (4.1).
>We recently activated anti-spoofing on the firewall's interfaces and the mail
no
>longer arrives.
>In the fw log I noticed that sendmail was using the address of the firewalls
>external interface as a source address and was therefore dropping the packets
>(rule 0 - spoofing).
>Anti-spoofing on the internal interface was configured with "This net", so I
>created a group containing the Internal network object and a new workstation
>object I created giving it the firewall's external interface IP and set this as
>the "Specific" valid address.
>
>The packets still get dropped on rule 0 - spoofing.
>
>Does the firewall service need to be restarted for spoofing rules to take
>effect?
>
>Is there something else I'm not thinking about?
>
>Thanks!
>
>Michael
>
[...]

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.