This table (fwx_alloc) is the NAT table, its used for mapping the real source ports with the allocated source ports from the gateway. You will also find this connection in the "connections" table, and there it will have a timeout. When the connection is removed from the connections table, it will also be removed from the NAT table.
brgds, André S. -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[email protected]] On Behalf Of Jose Valdivia Posted At: 5. juni 2009 16:52 Posted To: FireWall-1 mailinglist Conversation: [FW-1] [FW1] - Nat time out Subject: [FW-1] [FW1] - Nat time out Hello I have quick question, if I run: # fw tab -t fwx_alloc localhost: -------- fwx_alloc -------- dynamic, id 8187, attributes: keep, sync, *expires never*, limit 25000, hashsize 8192 the part that is weird to me is *"expires never"*, that means the NAT does not have any time out, like a normal connection? fw tab -t connections localhost: -------- connections -------- dynamic, id 8158, attributes: keep, sync, *expires 60*, refresh, limit 200000, hashsize 1048576, kbuf 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30, free function f8abf8ac 0 -------- Is this NAT expires never can be changed ? I run the same command over different version and I got the same output. Thanks in advance. -- Jose Valdivia ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
