[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] any fw any drop as first rule - are we locked out?
Rule 0 or implied rules, which is the settings in the policy->properties->security policy tab of the policy editor GUI. You can see the implied rules by clicking view->Implied rules. As you can see, the default settings allow quite a bit more than you might expect. This is why experienced firewall administrators disable the accept firewall-1 control connections setting and use more specific rules of their own devise. BTW, when you get a rule 0 log entry you now know where it came from. You probably would have asked about that sooner or later but now you don't have to :-) HTH Steven McNutt, CCIE #6495, CCSE #6224, MCSE President LightningCloud Technologies bus:cel:[email protected] -----Original Message----- From: BH [mailto:[email protected]] Sent: Monday, April 08, 2002 11:50 PM To: [email protected] Subject: [FW-1] any fw any drop as first rule - are we locked out? if the first rule in a rulebase is any fw any drop how does on re-establish connections from mgmt station to fw module to download new policies? Thanks in advance b ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|