Date: Thu, 23 Aug 2007 14:27:29 -0700
From: cisco4ng <[EMAIL PROTECTED]>
Subject: Urgent: rule number is missing in SmartView Tracker.
Provider-1 NG/AI R55 with HFA_20 on SPLAT.
Any Any telnet Accept account
Problem is that I have a host outside the firewall performing
"telnet" to a host inside the firewall.
The problem is that under "log" of the SmartView tracker,
I do NOT see the rule # in the column section. It shows
up as blank. Why? Is it a bug or what?
I have FW-1 NGX R61/HFA01 on Splat-
Looking at our logs, the accounting records without rule numbers
correspond to long-running connections that started before the
current log file. Find the log entry in the older log file
that contains entries around the time the connection was initially
created-- that entry will report the rule number.
In NGX, If you look at the record details, more columns, (or
enable the "Start Time" column in the tracker display) that should
tell you when to look. I hope something similar works for you in
R55. There's also an "Elapsed" field, but that is NOT the total
duration of the connection so far. I'm not really sure what it's
reporting, perhaps the time since a previous accounting record was
created for this connection?
Hope this helps-
-Larry
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
