Dear Sir:
We want to design a "stateful inspection" method for
our software firewall (For NT).
---- FW-1 CONNECTIONS TABLE ---
Src_IP Src_Prt Dst_IP Dst_Prt IP_prot Kbuf Type Flags Timeout
192.168.7.131 10003 207.229.143.8 25 6 0 16385 02ffff00 2845/3600
192.168.7.131 10002 207.229.143.8 24 6 0 16385 02ffff00 2845/3600
192.168.7.131 10001 207.229.143.8 23 6 0 16385 02ffff00 2845/3600
In this table,I don't know the meaning of "Kbuf","Type" and "Flags".
Can you tell me? Or tell me How I can find the answer.
Lance said "Another thing I learned, stateful inspection for FW-1 looks only at
Source/Destination IP and Port numbers for determining a session. It does NOT care
about sequence numbers, as I was making up all sorts of whacked out sequence numbers,
which the firewall accepted. "
I have a question:
Does stateful inspection for FW-1 look only at Source/Destination IP and Port numbers
for determining a session ?
Does stateful inspection for FW-1 look only at Source/Destination IP and Port numbers
of a packet to judge if this packet is a part of a session in connection table ?
Thanks.
jianglee
10.12.2000
----------------------------------------------
��ӭʹ�� 21CN �����ʼ�ϵͳ http://www.21cn.com
Thank you for using 21cn.com Email system
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
