NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] too many internal hosts--please help


  • To: [email protected]
  • Subject: Re: [FW-1] too many internal hosts--please help
  • From: Lars Troen <[email protected]>
  • Date: Thu, 22 Aug 2002 14:12:23 +0200
  • Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
  • Sender: Mailing list for discussion of Firewall-1 <[email protected]>
  • Thread-index: AcJJyH71wgvlr1V0RTyuJxYIqrlZtQACww3g
  • Thread-topic: [FW-1] too many internal hosts--please help

liu,
You can use 'fw lichosts' to see the ip's the firewall has counted. Be patient, this command is rather slow. You can get a similar output (fast) with 'fw tab -t host_table', but with hexadecimal ip addresses. If you're running dhcp your scope might need to be tighter. You can erase the files database/fwd.h* and bounce the firewall service to reset the counter.

Lars
> -----Original Message-----
> From: liu [mailto:[email protected]]
> Sent: Thursday, August 22, 2002 09:40
> To: [email protected]
> Subject: [FW-1] too many internal hosts--please help
>
>
> Hi everyone
>
> I found "too many internal hosts (314)" in my fw's(Nokia
> Firewall-1) log
> messages and a lot of them(ip) cannot even be pinged.
>
> I used "netstat -nr"  and find the number of internal host is
> under the
> licence permitted.
>
> Here is my network constructure.
>
>     router
>    |
> ----------   3->210.232.3.2/29 (DMZ)
>
> ----------   4->210.232.3.65/26(Internal Host but own ip that can be
> routed)
>
> ----------   5->192.168.3.1/24 (For GUI Client)
>
> I put the licence on the interface 3(210.232.3.2) and install my fw
> module on the interface 4(210.232.3.65).
>
> The hostname is "fw" with ip address the same as interface 3.
>
> Should I neglect the message for my firewall works well and I obey the
> licence.If it is important ,can anyone tell me how to solve it?
>
> Thanks in advance.
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.