According to this article http://www.phoneboy.com/faq/0181.html each connection attempt through CP is required to traverse the entire rule base. In my training I thought I was told once a rule matches a connection attempt the connection is accepted or dropped. Is this not the case with CP
Re: [FW-1] Firewall limitations
>
>
> Stephen,
>
> Your HW config sounds like a waste of resources for this
> case... Here is a
> good place to start digging for information and specs:
> http://www.checkpoint.com/products/security/vpn-1_firewall-1_performance.html
Igor Prokopinskiy
> -Original Message-
> From: Holland, Stephen [SMTP:[EMAIL PROT
I am trying to find out what the FW-1 limitations are. Limitations I would be interested in would be how many sockets/flows/connections the state table can handle before the firewall is slow or dies. What is the amount of “hits” per second FW-1 can handle and make stateful decisions about befo
Anyone know what the /opt/CPfw1-41/log/fw.vlog log file is? What logs are written there? I am seeing a lot of “log_get_fp: log file too large” in the /opt/CPfw1-41/log/fwd.elg file on the management station. The logs are switched every day and the largest log I can find is 80 Megs. I have heard 2 gigs is the point when the GUI log viewer starts to be painfully slow, but CP
I am wondering if someone knows of a whitepaper or just general knowledge of why firewalls are better than ACLs. I am aware of the stateful inspection that Checkpoint can do, but with an ACL you can create rules to allow “established connections” thus looking deeper into the packet. Stuf
I am in the situation where the enforcement point has fw.log files from when the management station has been down for maintenance and/or before the management server existed. Other than that all logs are transferred to the management station where the logs are switched and archived. How can
Go to this site and download fwrules612
http://www.wyae.de/software/fwtools.html
-Original Message-
From: Iztok Umek [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 29, 2001 12:14 PM
To: [EMAIL PROTECTED]
Subject: [FW1] HTML ruleset
Hello!
Any good program to have HTML ruleset ge
It is when a packet is destined for a device but sourced from that device.
Variables
Client 10.10.10.10
Server 11.11.11.11
Client spoofs 11.11.11.11 and sends a packet destined for 11.11.11.11 which results in a loop back condition and could cause the server to slow or stop.
This is a CPMAD IDS
Has anyone got the fwrules60 program to work with Checkpoint 4.1 SP-3? I can get the objects.C file to compose a list of objects, but the rule base seems to not be working. I am not a Perl programmer, so I don’t know where to begin to look. Is there another working program that will
Without using SynDefender, what is the default time Checkpoint 4.1 will allow for the entire TCP handshake to take place before the firewall will close the connection? Also, what will be logged if the connection is dropped by the firewall if the handshake is not finished? I am using Checkpoint 4.1 sp3 on Solaris.
I am seeing weird things in the logs that look like all mail is being directed to one email server and not the test server I have set up. The firewall receives mail for ourdomain.com and then sends to the email server. I have set up a test ema
13 matches