I had the same problem when I upgraded to SP2. I got this off of
Checkpoints site and I worked for me.
Solution: FTP to some servers fails (10043.0.7772541.2711982)
Edit the /$FWDIR/lib/base.def file to allow this behavior:
1. Stop the FireWall (fwstop)
2. Edit the $FWDIR/lib/base.def:
Change it from:
#define FTPPORT(match) (call KFUNC_FTPPORT <0x1|(match)>)
//
// Use this if you do not want the FireWall module to insist on a newline at
the
// end of the PORT command:
// #define FTPPORT(match) (call KFUNC_FTPPORT <(match)>)
To:
//#define FTPPORT(match) (call KFUNC_FTPPORT <0x1|(match)>)
//
// Use this if you do not want the FireWall module to insist on a newline at
the
// end of the PORT command:
#define FTPPORT(match) (call KFUNC_FTPPORT <(match)>)
(The change is to comment the first line, and uncomment the last one)
3. Start the FireWall (fwstart)
4. Re-install the policy
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 31, 2000 1:33 PM
To: [EMAIL PROTECTED]
Subject: RE: [FW1] FW1-4.0 SP7 ftp enforcement connection problem
Does the following problem and fix also apply to FW-1 SP2 on Windows NT? We
have had difficulties FTp'ing to Compaq and only Compaq for some reason.
Thanks for any help.
Brian
LEYMARIE Gerard <[EMAIL PROTECTED]>@lists.us.checkpoint.com
on 08/31/2000 03:39:24 AM
Sent by: [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
cc:
Subject: RE: [FW1] FW1-4.0 SP7 ftp enforcement connection problem
Hello,
I had the same problem, since SP6 you have to to do following steps:
1. Stop firewall-1 (fwstop)
2. Edit the $FWDIR/lib/base.def
3. Mark out the following line:
#define FTP_ENFORCE_NL
to:
//#define FTP_ENFORCE_NL
4. start Firewall-1 (fwstart)
5. Re-install the policy
With this you will be able to accept FTP headers without "\r\n"
-----Original Message-----
From: Jean-Olivier LeBrun [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 30, 2000 7:55 PM
To: [EMAIL PROTECTED]
Subject: [FW1] FW1-4.0 SP7 ftp enforcement connection problem
Hi ,
i'm running FW1 4.0 SP7 and since i upgrade my firewall to SP7 , my user
cannot connect using ftp
to some site like ftp.compaq.com .
I know in the SP7 Checkpoint enforce the FTP connection security.
Any ideas ?
Thx
____________________________________________
Jean-Olivier Le Brun
CCSA CCSE
20 Place Du Commerce
Iles-Des-Soeurs
H3E 1P6
[EMAIL PROTECTED]
http:/www.cgi.ca
____________________________________________
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
