Hi, Have you looked at the HTTP Format Sizes, this is also a smartdefense option which you can adjust?
Kind regards, Michael -----Original Message----- From: Neil Kemp [mailto:[EMAIL PROTECTED] Sent: Monday, 7 November 2005 10:56 To: [email protected] Subject: [FW-1] Firewall Cluster rejecting certain HTTP traffic Good morning all. I have a problem on customer site at the moment, I was wondering if anyone has come across this problem, and if anyone knows of any fix that may be applied ? This issue shows when internal users are attempting to upload information via HTTP to remote servers across the Firewall. The log entry shows as (rejected traffic); Number: 288506 Date: 4Nov2005 Time: 11:29:51 Product: VPN-1 & FireWall-1 Interface: eth-s1p2c0 Origin: firewall (xxx.xxx.xxx.xxx) Type: Log Action: Reject Service: http (80) Source: xxx.xxx.xxx.xxx Destination: xxx.xxx.xxx.xxx Protocol: tcp Source Port: 1172 Information: message_info: Line in HTTP request too long Having a dig around on the Internet shows that it was/is an issue and CP's SmartDefense. In order to correct this they have to uncheck the Web Worm Catcher in SmartDefense which is something we cant do as if there is ever an attack by a worm, it gets through. Checkpoint go on to say that HFA_05 should resolve this issue, but has made no difference. Anyone got any ideas ? Thanks. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
