It's the following line from the destination server trying to come back to our firewall that generates the icmp after the passive session is attempted.
Nick -----Original Message----- From: Torkel Mathisen [mailto:[EMAIL PROTECTED] Sent: Thursday, April 03, 2003 2:41 AM To: [EMAIL PROTECTED] Subject: Re: [FW-1] Passive FTP error , help I agree. This doesn't look like the line relating to the ftp. However; if you want to fix the icmp problem go to SmartDefense, IP and ICMP, Max Ping Size and increase that. You probably want to try with 128 or something. Regards, Torkel > -----Original Message----- > From: Reinhard Stich [mailto:[EMAIL PROTECTED] > Sent: 3. april 2003 08:12 > To: [EMAIL PROTECTED] > Subject: Re: [FW-1] Passive FTP error , help > > > hi, > > are you sure this is the correct log for ftp? > > if you look at the service in this line you will see that this is an > icmp packet, not tcp (as ftp is). > > please re-check your logs. > > does "normal" ftp work? do you use a special ftp-client? > > cheers > reinhard > > At 16:09 02.04.2003 -0500, you wrote: > >I have a rule for a user to go out to an Ftp server using passive-ftp > >service, accept and log. All of a sudden he cant connect anymore, and > >the log viewer > reports on > >that rule: > > > >Attack info: Echo request too long: icmp-type 8; imcp-code: 0; > > > >Any ideas? > > > >Nick Duda, CCSA > >Network Administrator > > > > > > > > > >================================================= > >To set vacation, Out Of Office, or away messages, > >send an email to [EMAIL PROTECTED] > >in the BODY of the email add: > >set fw-1-mailinglist nomail > >================================================= > >To unsubscribe from this mailing list, > >please see the instructions at > >http://www.checkpoint.com/services/mailing.html > >================================================= > >If you have any questions on how to change your > >subscription options, email > >[EMAIL PROTECTED] > >================================================= > > -- > Reinhard Stich, ASSIST [EMAIL PROTECTED] > Internet Security AG, 1190 Wien, Nussdorfer Laende 29-33 > Tel: +43 1 370 94 40 RS784-RIPE Fax: +43 1 370 94 40-10 > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
