Hi Jesus,
If I recall correctly, "operation would block" is the result of a timeout
being reached when trying to install your security policy. This timeout can
be increased. I believe the default is 25 seconds. I forget where I once
read this. Can anyone verify or come up with a document that shows what
file to modify to increase this timeout ?
HTH,
Duke
-----Original Message-----
From: Robert MacDonald [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 23, 2001 10:59 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: [FW1] operation would block
Jesus,
You have two rules that are similar and the second one
will never be chosen, hence 'Operation would block'
Dumb example:
Rule 1: any any any accept
Rule 2: ws1 svr1 http drop
Rule 1 will always win and rule 2 will never work (and
the implied cleanup rule won't work either in most cases.)
Robert
- -
Robert P. MacDonald
Global Infrastructure Group, Haworth, Inc.
Voice: +1.616.393.1247
email: [EMAIL PROTECTED]
>>> "Jesus Calvo Hernandez" <[EMAIL PROTECTED]> 02/23/01 09:47AM >>>
>hi all fw1 sufferers:
>
>does anyone has found this error when compiling the policy?
>
>Failed to Install Security Policy on fw1: Operation would block
>
>and better, does anyone how to solve it?
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
