Markus J�nemann wrote:
>
> Hi,
>
> Question:
> does Firewall-1 check certain FTP commands and
> expects them to occur in a single IP packet ?
If I've learned anything from the FTP data channel fun we
hade a while ago (drilling holes straight through the
firewall to any port on any computer), I'd say that FW-1
does not perform TCP stream reassembly, which makes for
some odd solutions.
Their fix for the data channel fun was to require that each
and every packet was terminated by CR/LF (that is, the
packet contained one complete command). Have you installed
this fix (or did it come pre-installed on your system?).
--
Mikael Olsson, EnterNet Sweden AB, Box 393, SE-891 28 �RNSK�LDSVIK
Phone: +46-(0)660-29 92 00 Fax: +46-(0)660-122 50
Mobile: +46-(0)70-66 77 636
WWW: http://www.enternet.se E-mail: [EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
