[FW1] One rule policy can't compile? (4.x Management -> 4.x Firewall)

Wed, 30 Aug 2000 10:17:55 -0700 



OKay, I'm at a loss here ... I installed a 4.0 Management Server over a
month ago that, until recently, was talkign to a 3.x Firewall Module
... no probs, everything ran smoothly.

This week, upgraded that (or am trying to) 3.x Firewall to a 4.x ... but,
for the life of me, I can't even get a simple "let everything
through" policy to compile on the Management station ...

the .W file looks like:

=====
(
        :rule (
                :src (
                        : Any
                )
                :dst (
                        : Any
                )
                :services (
                        : Any
                )
                :action (
                        : accept
                )
                :track (
                )
                :install (
                        : asbestos
                )
                :time (
                        : Any
                )
                :comments ()
        )
)
=======

simple ...

the errors look like:

ThisIsATest:
"/etc/fw/lib/base.def", line 437: ERROR: cannot find <PMAP_CONNECT_TIMEOUT> anywhere
"/etc/fw/lib/base.def", line 474: ERROR: unknown macro or function <rpc_insession>
"/etc/fw/lib/auth.def", line 35: ERROR: unknown macro or function <rpc_insession>
"/etc/fw/lib/auth.def", line 37: ERROR: syntax error
"/etc/fw/lib/auth.def", line 37: ERROR: table <client_auth> has no predefined format
"/etc/fw/lib/auth.def", line 44: ERROR: unknown macro or function 
<PASS_CLNTAUTH_SPECIFIC>
"/etc/fw/lib/auth.def", line 51: ERROR: syntax error
"/etc/fw/lib/auth.def", line 52: ERROR: table <client_auth> has no predefined format
"/etc/fw/lib/auth.def", line 57: ERROR: table <check_alive> has no predefined format
"/etc/fw/lib/auth.def", line 76: ERROR: unknown macro or function <rpc_insession>
"/etc/fw/lib/auth.def", line 83: ERROR: unknown macro or function 
<CHECK_CLNTAUTH_SPECIFIC>
Compilation Failed.

not so simple ...

Try to copy it over to the Firewall Module itself and run 'fw load' on it,
and it gives me:

================
asbestos:/etc/fw/conf> fw load ThisIsATest.W 
Failed to read rule file:
"ThisIsATest.W", line 18: ERROR: Cannot use <::asbestos>: Not in Scope
 
Failed to read rule-base 'ThisIsATest.W'
================

I'm still plugging away at this, but does anyone have any ideas?

Marc G. Fournier                                 [EMAIL PROTECTED]
Senior Systems Administrator                            Acadia University

  "These are my opinions, which are not necessarily shared by my employer"




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to