Dear Tristan,
Thanks a lot for your solution to wrong dynamical NAT translation in
Sunscreen EFS 2.0 . Without your help we would be still stuck on this
problem. Also Sun is not so helpful, neither on the WEB nor on the phone.
Sunsolve does not say anything clear on this enormous bug.
I don't know why bought Sun. Using mainly Linux for some years now, I forgot
the old times when we used blackholes softwares from DEC or IBM or SGI
without any possibilities to debug them. Sun spent probably too much time on
the ridiculous Y2K problems and forgot to add on their Sunscreen EFS 2.0 Web
page to simply load the STATIC NAT RULES before the DYNAMIC NAT RULES.
How could we live without this firewal mailing list?
Nicolas Brouard
Institut national d'�tudes d�mographiques
Paris
mailto:[EMAIL PROTECTED] http://sauvy.ined.fr/brouard/english
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Tristan Ball
Sent: Friday, January 28, 2000 12:10 AM
To: Nicolas Brouard
Cc: [EMAIL PROTECTED]
Subject: Re: 0.0.0.y with NAT and Sunscreen
EFS 2.0 has some very serious problems with Nat, (actually the over all
product is very shaby, it's proxies are very poor), they may have fixed
things
with 3.0.
I fixed the problems with Nat by changing the order I listed the rules,
namely
list all static rules before dynamic rules.
It's a known bug. If you've got a day to kill, do a search on SunSolve for
EFS
bugs.... :-)
T.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
