I would check the rule number that is associated with the drop. It may be
that a rule above your 'Domain-Accept' rule is dropping the packet. Also
have a look in the policy-->properties box and see if two 'Domain Name'
check boxes are checked and what they say next to them (e.g. Before Last).
HTH
Russell Goodwin
-----Original Message-----
From: J L [mailto:[EMAIL PROTECTED]]
Sent: 14 November 2000 10:23
To: [EMAIL PROTECTED]
Subject: [FW1] Domain-udp on accept, domain on drop
I'm seeing something very strange in my firewall logs.
It's about a dns behind a fw1 4.1 sp1. Without
changing any rule, when the dns server asks another
dns outside my network, sometimes the fw accepts it,
sometimes drops it.
When accepting, the logs shows 'domain-udp' in the
'service' column. When droping it, it shows 'domain'
service. Both rules has 'long' track enable.
It happends in block, i mean, there are, for example,
20 lines accepted, then another 15 dropped, and so on.
anyone can help me?
_______________________________________________________________
Do You Yahoo!?
Consiga gratis su direcci�n @yahoo.es en http://correo.yahoo.es
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
