If we allow SKIP (IP protocol=57) through the FW, can we do stateful inspection and only allow outbound connections (or do we have to create a rule to allow traffic in both directions)??? I searched the archive and found the following advice, but it wasn't clear to me what the "normal" way is: "Add a new service, type 'Other', called SKIP and in the 'Match' field enter ip_p = 57. Then just use this service in a rule as per normal." ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
