Why are you sure it's antispoofing related. Rule 0 is FOR ALL IMPLIED RULES not just antispoofing. Did you check the Info. field of the log to be sure it's caused by the antispoofing ?
The most commun cause of rule 0 reject on my FW-1 is reason: unknown established TCP packet the second is: message SYNDefender warning: SYN -> SYN-ACK -> RST or timeout At 11:04 2002-01-16, Michael Glenn wrote: >Hello all, > >Some quick questions on anti-spoofing and sendmail. > >We were using and IDS script to send e-mail alerts from our firewall (4.1). >We recently activated anti-spoofing on the firewall's interfaces and the mail no >longer arrives. >In the fw log I noticed that sendmail was using the address of the firewalls >external interface as a source address and was therefore dropping the packets >(rule 0 - spoofing). >Anti-spoofing on the internal interface was configured with "This net", so I >created a group containing the Internal network object and a new workstation >object I created giving it the firewall's external interface IP and set this as >the "Specific" valid address. > >The packets still get dropped on rule 0 - spoofing. > >Does the firewall service need to be restarted for spoofing rules to take >effect? > >Is there something else I'm not thinking about? > >Thanks! > >Michael > >================================================= >To set vacation, Out Of Office, or away messages, >send an email to [EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[EMAIL PROTECTED] >================================================= ------------------------------------------------------------ Yves Belle-Isle V.P. VE2YBI YB17 Email: [EMAIL PROTECTED] Responsable des Systemes Tel: (819) 379-3446 Sogi Informatique Ltee. Fax: (819) 379-3449 ------------------------------------------------------------ ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
