[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] TCP Sequence validator problem
Thanks Marc I did disable the TCP Sequence validator and it is quiet now. There seem to be a lot of thing on by default in Smart Defence and it provides little information in the log viewer as to what is dropping the packets. Thanks for feedback. ----- Original Message ----- From: "Marc Elsen" <[email protected]> To: <[email protected]> Sent: Thursday, February 06, 2003 2:37 PM Subject: Re: [FW-1] TCP Sequence validator problem > > Dave Whitehouse wrote: > > > > I am getting a lot of errors reported in the log as follows: > > > > "TCP sequence validator: dropped packet with data out of window;" > > > > The firewall is Solaris 8 and NG FP2. > > > > I have disabled the logging TCP sequence out of state errors in the > > global properties. > > > > Has anyone else seen this and has any one got any ideas how to get rid > > of it ? > > Probably by disabling the sequence verifier for TCP in SmartDefense > settings (I am on FP3). Or in FW. properties whatever the FP2 > term would be (God bless). > > I have been experimenting a little bit the with the sequence > verifier in FP3. > I noticed the same thing as you , when initially using it > with default options for packets originating from my web cache > box (squid) going to remote webservers on the internet. > > Since, this box has been working flawless for years. I decided > that Mr. 'Sequence verifier' may not always behave correct. > > I then changed the 'Track on' value from 'anomalous' to suspicous , and > it didn't complain anymore in the logviewer. > > Not that disabling logging of actions of this facility may in > case of wrong behavior to you not noticing thet fw-1 is dropping > packets which should not be dropped. > > M. > > > > We have a packet shaping device on one side of the firewall and > > wondered if this could be causing the problem as alters the windowing > > of packets. > > > > Any thoughts would be appreciated. > > > > Regards > > > > Dave Whitehouse > > -- > > 'Time is a consequence of Matter thus > General Relativity is a direct consequence of QM > (M.E. Mar 2002) > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|