"Carl E. Mankinen" wrote:
>
> From I was told, it builds table entries of it's own for all the connections thru
>the firewall and
> works somewhat independently of the inspect engine. It also hooks into the logging
>daemon
> and detects log entries.
>
IIRC CPMAD is a simple log parser. It does no more than go through
logged events and apply the criteria to them, looking for things
that meet its settings. Nothing exciting to it. As far as its
picky config file and the odd memory issues, I was told the same
thing.
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
