On Mon, 23 Apr 2007, Ken Cameron wrote:
If I enable new options in SmartDefence it fails on the policy install
with the following (or something very like this):
Error in file base.def line 664
Internal error LenLimit displacement too big
4284 (max=4080)
The issue from other discussions I recall was some internal limit that
isn't sized right for the number of smart defense rules we have today.
So to turn on a new 'hot' rule I find I have to turn off some older rule
(like something I know has been patched on our systems). Or is there
some cure short of upgrading to Rxx or something??
In my view SmartDefense support is limited on R55. Did you check to make
sure you are on the latest HFA? (HFA-19 is the latest for R55.)
Some issues have been resolved with HFA upgrades in the SmartDefense
handling. Even some for which I could not find a clear description in the
release notes.
But if you are intend on using state of the art SmartDefense settings it
might be wise to make sure the remainder of the firewall is likewise
up-to-date.
Overal I have the distinct feeling that Smart Defense updates more or less
assume you update the rest also rather frequently.
What would be your exact version according to the `fw ver` command?
Hugo.
--
[EMAIL PROTECTED] http://hugo.vanderkooij.org/
This message is using 100% recycled electrons.
Some men see computers as they are and say "Windows"
I use computers with Linux and say "Why Windows?"
(Thanks JFK, for the insight.)
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
