This can also be done via SmartView Tracker using Tools > Block Intruder and SmartView Monitor (Tools > Suspicious Activity Rules).
what affects will happen between the connections by doing this? will it be permanent blocking/dropping or only block/drop by a time or drop the current that connections only? Cause the connections i wanna drop is a production releated connection and need them after killing the current connections. 2010/3/31, Dameon Welch-Abernathy <[email protected]>: > On Mar 31, 2010, at 1:01 AM, a bv wrote: > > I found that fw tab -t connections -x clear all the connectsion but i > what i need is drop spesicif connections by source and destinations > like > > source hosta destination hostb port xyzt > > How can i do that? > > Rather than remove entries from the connections table directly, use fw sam. > From the gateway: > > fw sam -f localhost -I srv <source-ip> <dest-ip> <service-port> <ip > protocol> > > Note this inhibits further connections from this source IP to this > destination IP on this service and IP protocol. To cancel that: > > fw sam -f localhost -C -I srv <source-ip> <dest-ip> <service-port> <ip > protocol> > > This can also be done via SmartView Tracker using Tools > Block Intruder and > SmartView Monitor (Tools > Suspicious Activity Rules). > > -- Dameon > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
