CheckPoint recommends that domain objects not be used (at least in v4.0, I
can't speak to other versions. I do not have specifics on exactly why, but
to quote them directly:
"It is recommended to not use "domain" objects for now. There
are some known problems that arise when domain objects are used in
rules. Instead you can use the URI file to define the sites."
Somewhat vague, but there it is.
Greg S.
-----Original Message-----
From: John Stevenson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 22, 2000 8:15 AM
To: 'Little, Craig'; 'Rick Francis';
[EMAIL PROTECTED]
Subject: RE: [FW1] domain rule!?
AWESOME! Thanks!
john.
-----Original Message-----
From: Little, Craig [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 22, 2000 5:16 AM
To: Little, Craig; 'Rick Francis';
[EMAIL PROTECTED]
Subject: RE: [FW1] domain rule!?
Well,
I couldn't help myself. I wrote a simple domain rule, and it worked...
--------------------------------------
Src | Dst | Svc | Action | etc.
--------------------------------------
Any | .yahoo.com | any | drop
--------------------------------------
Isn't life going to get easier now !!
Craig/
-----Original Message-----
From: Little, Craig
Sent: Thursday, June 22, 2000 5:24 PM
To: 'Rick Francis'; [EMAIL PROTECTED]
Subject: RE: [FW1] domain rule!?
I've never used a domain in a rule, but it appears you can do it. If you try
it, can you keep us posted as to how it goes.
Create a Network object, type domain and give it a name. e.g. ".fred.com".
Note the use of the leading (.). Then add a rule to your rule base, and use
it in your destination.
This would make the creation and maintenance of Hotlists a piece of cake.
You could simply ban the .hacker.net network if they give you any bovver. I
struggled for months when a nasty chap kept using different IP addresses,
from the same ISP, in his attempts to use our mail relay for his spamming
activities.
Craig/
-----Original Message-----
From: Rick Francis [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 22, 2000 4:04 PM
To: [EMAIL PROTECTED]
Subject: [FW1] domain rule!?
application=fw-1 v4.0
os=solaris 2.6
model=ultra
what needs to be done to allow user access to a domain; a domain that has
multiple servers and keeps changing the addresses (e.g., yahoo.com)?
rf
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
