Hi all, watchgguard rules does not follow checkpoints top down approach.
Instead, it acts on the packet such that the most specific rules will have greater precedence over the more general rules. e.g. if there's 2 rules. * Any Any Deny FTP * host1 Any Permit FTP The sequence of the rules does not matter. Although one of the rules says deny ftp from any to any, the second rule will still allow host1 to ftp to any. Rgds, Simon On Mon, 14 Jan 2002 15:38:19 -0400 "Fredy Santana" <[EMAIL PROTECTED]> wrote: > *This message was transferred with a trial version of > CommuniGate(tm) Pro* > Hi Everibody: > > Does anybody knows which is the order that Watchguard > reads the rules?? > > > > Saludos > Fredy R. Santana V. > Ingeniero Civil El�ctrico - CCSA - CCDA > Orion 2000 - Servicios Profesionales en Seguridad > Inform�tica > La Concepcion 322 piso 12, Providencia. > Santiago, Chile > Fono: 56-2-6403944, Fax: 56-2-6403990 > e-mail: [EMAIL PROTECTED] > http://www.orion.cl > > > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls "Fanaticism consists in redoubling your efforts when you have forgotten your aim." -George Santayana, Philosopher _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
