
[FW-1] RPC Problems on 4.0



I'm having some problems with RPC rules on an ol' 4.0 <mumble-mumble>
firewall. I have a set of custom RPC services in the rule. That is, it's
a bunch where I manually entered the program numbers. The rule looks
something like,

 client-network      rpc-server      rpc-prog1    accept
                                     rpc-prog2
                                     ...

The problem is that it doesn't seem to poke the holes in the firewall
for the connections to pass. And yes, I have enabled RPC rules in the
"Properties" settings.

I run snoop (yes, a Solaris host) on the firewall to see what is going
on. I see the RPC portmap request come in from the client. And I see
the server respond with the TCP port number for this service. The client
tries to connect, but nothing. The firewall drops the TCP connection
attempts. But notice that it _did_ let the portmap request through.
And the portmap request is passing, according to the logs, on this rule,
and only portmap requests for the specified RPC program numbers are
allowed to pass, other portmap requests don't match the rule.

That is what's got me confused. Things seem to be kinda working: the
portmapper requests on 111/udp are passed on the right rule and only
for the right programs. But they aren't working completely: the firewall
doesn't let the incoming connection go through on the port that the
portmapper told the client about.

From all I've read in the documentation and from testing on another
Check Point firewall, it seems like this should work. Anyone see something
that I am missing? Or have some ideas on what I need to check? Are there
some old bugs biting me?
--
Crist J. Clark                               [email protected]
Globalstar Communications
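As an added illustration of the mechanism the post describes (not code from the original message, and not Check Point's implementation), the following Python models what an RPC-aware firewall has to do to open the follow-on connection: parse the portmap GETPORT call, accept it only for an allowed program number, remember its transaction id, and derive the expected pinhole from the port in the server's reply. The program number 300123, the xid and the port used in the checks are constructed sample values.

```python
import struct

PMAP_PROG, PMAP_VERS, GETPORT = 100000, 2, 3   # portmapper program, version, GETPORT procedure

def build_getport_call(xid, prog, vers, proto):
    # RPC CALL header (RFC 1057): xid, msg_type=0, rpcvers=2, prog, vers, proc
    hdr = struct.pack("!6I", xid, 0, 2, PMAP_PROG, PMAP_VERS, GETPORT)
    auth = struct.pack("!2I", 0, 0) * 2          # AUTH_NULL credentials and verifier
    return hdr + auth + struct.pack("!4I", prog, vers, proto, 0)   # mapping args, port unused

def build_getport_reply(xid, port):
    # REPLY(1), MSG_ACCEPTED(0), AUTH_NULL verifier, SUCCESS(0), then the port (0 = unregistered)
    return struct.pack("!3I", xid, 1, 0) + struct.pack("!2I", 0, 0) + struct.pack("!2I", 0, port)

def parse_getport_call(data):
    """Return (xid, prog, vers, proto) for a portmap GETPORT call, else None."""
    xid, mtype, rpcvers, prog, vers, proc = struct.unpack_from("!6I", data, 0)
    if (mtype, rpcvers, prog, vers, proc) != (0, 2, PMAP_PROG, PMAP_VERS, GETPORT):
        return None
    off = 24
    for _ in range(2):                           # skip cred and verf: flavor, length, padded body
        _flavor, length = struct.unpack_from("!2I", data, off)
        off += 8 + ((length + 3) & ~3)
    tprog, tvers, tproto, _port = struct.unpack_from("!4I", data, off)
    return xid, tprog, tvers, tproto

def parse_getport_reply(data):
    """Return (xid, port) from an accepted, successful GETPORT reply, else None."""
    xid, mtype, reply_stat = struct.unpack_from("!3I", data, 0)
    if mtype != 1 or reply_stat != 0:            # not a REPLY, or not MSG_ACCEPTED
        return None
    _flavor, length = struct.unpack_from("!2I", data, 12)
    accept_stat, port = struct.unpack_from("!2I", data, 20 + ((length + 3) & ~3))
    return (xid, port) if accept_stat == 0 else None

def track_pinholes(packets, allowed_progs):
    """Replay (direction, payload) pairs; return the (proto, port) pinholes the firewall should open."""
    pending, pinholes = {}, set()                # xid -> transport protocol of the allowed call
    for direction, payload in packets:
        if direction == "to_server":
            call = parse_getport_call(payload)
            if call and call[1] in allowed_progs:   # only program numbers listed in the rule
                pending[call[0]] = call[3]
        else:
            reply = parse_getport_reply(payload)
            if reply and reply[0] in pending and reply[1] != 0:   # matched xid, program registered
                pinholes.add((pending.pop(reply[0]), reply[1]))
    return pinholes
```

A reply whose xid was never seen, or that belongs to a program number outside the allowed set, yields no pinhole, which is the behaviour the post's firewall shows for every reply.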
