Re: [FW-1] true or false

[Matthias Leu]

Hi, the "truth, I believe in" is: For a first packet of the connection, the rulebase has to be traversed, until one rule fits. Then it will be passed because of this rule (Exception if you have rule authenticating the user). The event of accepting this first packet is stored in the State Tables. When another packet of this connection comes to the Firewall, it's tested against the "basic rules" (e.g. packet size, options, Anti-Spoofing) and then against the State Tables. The connection is stored here, so the rest of the rulebase isn't important for this packet. Hope it helps, best regards, Matthias http://www.fw-1.de "Holland, Stephen" wrote: According to this article http://www.phoneboy.com/faq/0181.html each connection attempt through CP is required to traverse the entire rule base.In my training I thought I was told once a rule matches a connection attempt the connection is accepted or dropped.Is this not the case with CP?