[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] RSH and FW-1 4.1 SP6
Hi All, im having problems with rsh through the firewall (yes im aware rsh is not the best security practise) Setup: FW-1 4.1 with SP6 on SPARC Solaris 7 32bit I have an rsh client and rsh server running on linux. when these are connected on the same subnet, rsh between the two works perfectly well. when i place the firewall between the two, everything works as expected, except for rsh connections, that are either very slow (up to and over a minute to respond), or doesnt work at all. telnet/ssh etc.. to both linux boxen works ok i initially put a rule on my fw: src: client dst: server service: rsh(tcp 514) action: accept track: long In the logs i see the request going from client to server as accepted I then see dropped traffic from the server back to the client. Should I being seeing this at all in the logs ? Am I wrong in thinking that the firewall should track the state of the rsh connection, and recrdo it in the state table, like it does for other traffic ? (Yes I enabled RPC Control in Policy -> Properties ...) Since this is a test firewall, i then put a 'any any accept' rule to avoid any problems with restrictive rules. Now in the logs i see the traffic initiated to/from the client & server as before, but all log entries are accept (due to my any any accept rule), and I eventually get a reply to my rsh request (like 2 minutes later)!!! Any idea what could be causing this slowness issue ? Thanks in advance for any help Mark ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|