
[FW-1] install policy drops connections ?


  • To: [email protected]
  • Subject: [FW-1] install policy drops connections ?
  • From: Massimiliano Panichi <[email protected]>
  • Date: Fri, 30 Aug 2002 15:03:57 +0200
  • Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
  • Sender: Mailing list for discussion of Firewall-1 <[email protected]>
  • User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.1) Gecko/20020826

This is the version I'm using on Solaris

This is Check Point VPN-1(TM) & FireWall-1(R) Version 4.1 Build 41489
[VPN + DES]
kernel: Version 4.1 [VPN + DES] Build 41487

I've written a little Perl script to track connections with the command
"fw tab -t connections", and this is what happens when I install a policy
(at 11:54:24 for the example below).


TIMESTAMP MAX TOT ATTIV CLOSED NOTUSE ESTERN PRODUZ NAVIG
11:44:24 25000 10289 25185046 683
11:45:35 25000 10130 26024878 708
11:46:43 25000 10959 25835179 764
11:47:55 25000 9761 26344659 842
11:49:11 25000 10911 25885312 844
11:50:21 25000 9396 26484571 737
11:51:30 25000 9677 27324771 825
11:52:40 25000 10990 27125217 824
11:53:52 25000 9391 28274603 796
----
11:54:57 250000 215 2229 415
11:56:05 250000 282 4045 726
11:57:14 25000 8033 1051 6406 0 351 4120 711
11:58:21 25000 8104 1122 6431 1 343 4081 688
11:59:30 25000 9468 1256 7694 5 362 4720 761
12:00:38 25000 7865 1354 6003 5 384 4078 633
12:01:46 25000 8700 1318 6876 4 391 4139 984
12:02:55 25000 8791 1614 6681 6 421 4567 686
12:04:04 25000 9072 1703 6858 10 427 4766 507
12:05:15 25000 9920 1724 7736 5 470 5169 652
12:06:22 25000 8400 1812 6146 3 444 4399 609

MAX    = max number of configured connections
TOT    = number of connections in connections table
ATTIV  = active connections (not used for a time < timeout/3)
CLOSED = connections closed (with timeout changed to 50s)
NOTUSE = connections not used for a time > timeout/3,
        so I think these connections will be passed to close without
        receiving a FIN packet
ESTERN = inbound connections
PRODUZ = internal traffic
NAVIG  = our navigation

I see a big change in the number of connections when I installed a new
policy (see the line with ---), and the numbers seem to say that all the
connections were purged from the hash table.

So, because I'm new to Checkpoint administration,
- What's happening?
- Is there documentation about it?
- Are there any configuration tips for maintaining connections
 during policy installation?
