Re: [FW-1] NBT-happy 4.0SP8 FW-1 on NT
-----Original Message-----
From: Russell Washington [mailto:[email protected]]
Sent: 7 February 2002 22:36
To: [email protected]
Subject: Re: [FW-1] NBT-happy 4.0SP8 FW-1 on NT

>Somehow this traffic is bypassing my diagnostic rule #1, and getting out of the firewall anyway. If it is going
>out via the implicit policy we're discussing, it's bypassing the top explicit rule in the rulebase to do it (and
>bypassing being logged in the process).

I don't remember all the details, but I saw this on 4.0 as well. I think it was the implicit rules for ICMP that I couldn't seem to get working properly. I added the implicit rules "before last", and then explicit accept/drop rules to the top of the rule base. Still, FW-1 seemed to allow ICMP in any direction, in accordance with the implicit rule.

I finally threw out the implicit rules, and redid my rule-base, including explicit rules for anything that was previously covered by Rule 0. Works like a charm now.

>the helpfile says the only way to log implied rules is to handle the
>traffic in question with explicit rules instead.

Good idea. Get rid of all the implicit rules. Recreate them explicitly.

Cheers,
Anders :)