This all has to do with the "statefull inspection" of TCP packets...
Unknown established TCP packet means the firewall didn't receive
a SYN first... so it blocks / drops and logs the packet...
Regards,
Brenno
> -----Original Message-----
> From: Winway [SMTP:[EMAIL PROTECTED]]
> Sent: dinsdag 3 juli 2001 12:53
> To: [EMAIL PROTECTED]
> Subject: CheckPoint FW1 - unknown established TCP packet
>
> I set the only policy: any any accept
> but the Log Viewer shows that there are still many packets dropped,and the
> info. column shows "reason: unknown established TCP packet".
> who can tell me why? thanks.
>
> ��(�������*.���{&���(��]��,j�m������ɨh��&�*���e�f��)��+-�*���e�X���'i��
> m����l�v����������+-�w����{�
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
