|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] NG FP1 and retaining connections on rulebase reload
Basically that if I reload an existing policy (with a slight tweak to an unrelated rule), then the connection table will be flshed; the reason I suspect this is that after getting the usual control messages in the log that a new reulebase is in, I start gettting a lot of out of state entries for various connections in the log. The messages are pertaining to connections that were alive before the reload. Likewise, any SSH connections to the filter nodes themself will be locked upand dead after reloading. ttfn, A Jim Parker <[email protected]> writes: > I've used FP1 in test and the state table isn't reloaded on policy apply. > Unless its a VPN connection. I'm sure there are other criteria that may be > reset but on the whole I find it behaves much like 4.1. > > What difference do you notice? > > jp > > -----Original Message----- > Subject: [FW-1] NG FP1 and retaining connections on rulebase reload > > > This may be flogging a dead hose, but I've looked high and low for an > answer to this, and I only find answers for 4.1, not NG. > > If I wish to have the firewall set to behave like 4.0 did by default, > and 4.1 can be tweaked to do, i.e. retaining the connection table when > reload the ruleset, is there any way at all of getting this done? > > ttfn, > A > > PS: And now I'll brace my self for the imminent 20-30 or so "out of > office replies" that usually comes along from posting here ;) > > -- > Alexander Hoogerhuis | [email protected] > CCNP - CCDP - MCNE - CCSE | +47 908 21 485 > "You have zero privacy anyway. Get over it." --Scott McNealy > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= -- Alexander Hoogerhuis | [email protected] CCNP - CCDP - MCNE - CCSE | +47 908 21 485 "You have zero privacy anyway. Get over it." --Scott McNealy ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
