[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] TCP Packet out of state messages
Why dont you just choose to stop logging them. You should not really allow them through as they are not established. ----- Original Message ----- From: "egonle" <[email protected]> To: <[email protected]> Sent: Friday, January 31, 2003 8:37 PM Subject: Re: [FW-1] TCP Packet out of state messages IMHO, you shouldn't select that option. It will enable fw-1 to forward (out of state) packets according to the rulebase. That means a new connection does not have to be setup by a 3-way tcp handshake just an ACK bit set is ok to allow the connection. "Laidlaw, Rob" <[email protected]> wrote: >The option tells checkpoint when its confronted with an out-of-state packet, should it try to recove the session or just drop it. It will not get rid of the out-of-state packets because something has caused it to be flagged as out of state, for instance, traffic to a dynamic nat after the translation has expired. > >Hope this helps. > >Rob > >-----Original Message----- >From: John Hall [mailto:[email protected]] >Sent: Wednesday, January 29, 2003 11:22 AM >To: [email protected] >Subject: [FW-1] TCP Packet out of state messages > > >I am planning to: > >Select: Drop out of state TCP packets option under Stateful Inspection in >Global Properties on NG FP2 in order to rid myself of those TCP Packet out >of state messages.I assume this will do the job. Are there any unwelcome >side effects? >Should I reboot the machine after selecting this option? >Our firewall is in a Solaris 8 HA configuration. > > >Thanks > >John > > >+++++++++++++++++++++ > John Hall > TD Waterhouse > 201 Deansgate > Manchester UK > DDI> Internal 36235 >www.tdwaterhouse.co.uk >+++++++++++++++++++++ > > > > >--------------------------------------------------------------------------- -------------------------------------------------------------------- > >Notice for email communications. > >Confidentiality: This email and its attachments are intended for the above >named only and may be confidential. If they have come to you in error you >must take no action based on them, nor must you copy or show them to >anyone; please reply to this email and highlight the error. > >Viruses: Although we have taken steps to ensure that this email and >attachments are free from any virus, we advise that in keeping with good >computing practice the recipient should ensure that they are actually >virus-free. > >A subsidiary of the Toronto-Dominion Bank, TD Waterhouse Investor Services >(Europe) Ltd is a member of the London Stock Exchange and OFEX and is >regulated by the Financial Services Authority. Registered in England No. >2101863. Registered Office 14/18 Finsbury Square, London EC2A 1DB. VAT >Registered No. 397 1030 51. > >================================================= >To set vacation, Out Of Office, or away messages, >send an email to [email protected] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[email protected] >================================================= >Disclaimer - 01/29/2003 >This information in this email is confidential and may be legally privileged. It is intended solely for Mailing list for discussion of Firewall-1. Access to this Internet email by anyone else is unauthorized. > >EnvestnetPMC, Inc. does not accept time-sensitive transactional messages, including orders to buy and sell securities, account allocation instructions, or any other instructions affecting a client account, via e-mail. > >If you are not the intended recipient of this email, any disclosure, copying, or distribution of it is prohibited and may be unlawful. If you have received this email in error, please notify the sender and immediately and permanently delete it and destroy any copies of it that were printed out. When addressed to our clients, any opinions or advice contained in this email is subject to the terms and conditions expressed in any applicable governing EnvestnetPMC terms of business or agreements. > >================================================= >To set vacation, Out Of Office, or away messages, >send an email to [email protected] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[email protected] >================================================= > __________________________________________________________________ The NEW Netscape 7.0 browser is now available. Upgrade now! http://channels.netscape.com/ns/browsers/download.jsp Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/ ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|