[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] is there a "universe"
- To: [email protected]
- Subject: Re: [FW-1] is there a "universe"
- From: Lars Troen <[email protected]>
- Date: Wed, 2 Oct 2002 16:34:05 +0200
- Reply-To: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
- Thread-Index: AcJqHJEZu1rUmoPSQlW/3raduaxDbQAA2BpA
- Thread-Topic: Re: [FW-1] is there a "universe"
On fw1 0.0.0.0/0 has traditonly been used for automatic natting to the nic address of the firewall. I believe this feature broke with the introduction og NG, but it was always a nice feature of atleast 3.0-4.1 (not sure about earlier versions).
With Raptor you usually define the universe like this and you're able to limit the trafic from this object to appear only on a specific nic.
Lars
> -----Original Message-----
> From: Ulysees [mailto:[email protected]]
> Sent: Wednesday, October 02, 2002 14:56
> To: [email protected]
> Subject: Re: [FW-1] is there a "universe"
>
>
> Any is the complete universe it equates to the network 0.0.0.0 0.0.0.0
> I think what ted is looking for here is everything not
> already known to the
> firewall
>
> As far as I know the only way of doing this is to negate the
> known objects,
> you should be able to put them into a group say "known world" and just
> negate that in your rule.
> It's not the lightest of rules though
>
> Uly
>
> ----- Original Message -----
> From: "Torkel Mathisen" <[email protected]>
> To: <[email protected]>
> Sent: Wednesday, October 02, 2002 12:56 PM
> Subject: Re: [FW-1] is there a "universe"
>
>
> > Destination: Any
> >
> > Regards,
> > Torkel
> >
> > > -----Original Message-----
> > > From: Ted Rakiewicz [mailto:[email protected]]
> > > Sent: 2. oktober 2002 13:31
> > > To: [email protected]
> > > Subject: [FW-1] is there a "universe"
> > >
> > >
> > > Is there a way in checkpoint NG to have a source or
> > > destination be "the
> > > internet" or "the outside interface". Or is the way to do it
> > > is pick every
> > > network that isn't the outside and negate the cell? I just
> > > want a rule to
> > > go from our inside LAN out to the Internet and the only way I
> > > was told you
> > > can do this is pick the other networks and negate them and
> > > that equals the
> > > Internet?
> > >
> > > thanks,
> > >
> > > ted rakiewicz
> > > element k
> > >
> > > =================================================
> > > To set vacation, Out Of Office, or away messages,
> > > send an email to [email protected]
> > > in the BODY of the email add:
> > > set fw-1-mailinglist nomail
> > > =================================================
> > > To unsubscribe from this mailing list,
> > > please see the instructions at
> > > http://www.checkpoint.com/services/mailing.html
> > > =================================================
> > > If you have any questions on how to change your
> > > subscription options, email
> > > [email protected]
> > > =================================================
> > >
> >
> > =================================================
> > To set vacation, Out Of Office, or away messages,
> > send an email to [email protected]
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your
> > subscription options, email
> > [email protected]
> > =================================================
> >
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================