Hi Zhou, In NG FP2, you can uncheck the "Drop out of state TCP packets" in Global Properties > Stateful Inspection to make the firewall behave similar to:
#define ALLOW_NON_SYN_RULEBASE_MATCH in Version 4.1. There are also options to uncheck "Drop out of state UDP packets", and also to disable logging of these "out of state packets" as well. In version 4.1, these are known as "unknown established TCP packets" but in NG they are redefined as "packets out of state"; and henceforth the configuration in the Stetful Inspection section. Cheerios, Vic --- Zhou Wen Bo Bobby NCS <[EMAIL PROTECTED]> wrote: > After upgrade 4.1 to NG FP2 I cannot find the > $FWDIR/lib/fwui_head.def file, > where I used to put "#define > ALLOW_NON_SYN_RULEBASE_MATCH > ". > > How can I make sure the same feature is enabled in > NG FP2? where actually > the configuration goes? > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= __________________________________________________ Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
