[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] Understanding SQLNet2 inspection in FW-1
Hi, I recently had a problem with a client pc connecting to an ORACLE 8.1.6 server via sqlnet. Tracing the connection, I was able to find this client establish a first connection on port 1521 of the server, closes this connection and then tries to open a new one on a different port (> 1024 but not necessarily high). This seems to be the "normal" behaviour of a sqlnet2 client, though I found that not all clients behave like this (may depend on the version and settings). The problem is the firewall drops this second connection, though I configured a rule with "SQLNet2" as the service, and verified that the protocol type was SQLNet2 as well. I read all the FW-1 forums about SQLNet2 and found that in some cases it works seamlessly (even when there is NAT) and in some others it doesn't. What is not clear to me is what is hiding behind the SQLNet2 protocol type. I had a look at the file "base.def", section SQLNet2 to understand how the firewall is supposed to handle this one but just found that this code was referencing some kernel functions of the firewall. Does anyone know exactly how SQLNet2 works in FW-1, in terms of inspection ? Regards. -- Emmanuel BAILLEUL Responsable du Pôle Sécurité Agence Annecy Sud-Est ascom adilan Network Integration [email protected] <mailto:[email protected]> 14 rue du Pré Paillard 74940 Annecy le Vieux Tel: 33 4 50 64 02 49 Fax : 33 4 50 64 09 98 <http://www.adilan.fr> -- Emmanuel BAILLEUL Responsable du Pôle Sécurité Agence Annecy Sud-Est ascom adilan Network Integration [email protected] <mailto:[email protected]> 14 rue du Pré Paillard 74940 Annecy le Vieux Tel: 33 4 50 64 02 49 Fax : 33 4 50 64 09 98 <http://www.adilan.fr> ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|