Robert, have you told the firewall to disallow the TCP-Highports range?  Or 
conversely, have you told the firewall to ALLOW these ports for this rule?
It looks to me as if it would work, but your firewall is doing what it's 
supposed to based on your rule set.  I may be wrong, not being able to see your 
rule set, but check that out...  Looks to me as if the firewall is dropping 
the packets because you haven't defined the rule quite right.


>From: "Robert MacDonald" <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: How FW-1 calculates PORT numbers
>Date: Tue, 29 Feb 2000 12:54:07 -0500
>
>This was posted to the Firewall-1 list last week, w/o luck.
>
>I'm in digest form, so if I could ask for any responses to be CC'd
>to me directly, in addition to the list would be greatly appreciated.
>
>- - -
>I'm having trouble understanding how FW-1 calculates port
>numbers when a client FTP's through our firewall to an FTP
>server in a DMZ. The setup is;
>
***Snip techno mumbo jumbo ;-)
>
>it too is dropped?? The following is the exported filtered logs and
>are wrapped. I did cleanup addresses and names. The empty ""
>are exactly from the log. The first one is of a 'normal' successful
>FTP session. The second belongs to the two drops below.
>
>"21Feb2000"  "14:20:15"  "qfe0"  "m.n.o.p"  "accept"  "ftp"
>"ftpclient"  "ftpsvr"  "tcp"  "7"  "1084"  "fw"  "ftpsvr"  "42353"  "ftp"
>"21Feb2000"  "14:29:34"  "qfe0"  "m.n.o.p"  "accept"  "ftp"
>"ftpclient"  "ftpsvr"  "tcp"  "7"  "1089"  "fw"  "ftpsvr"  "44278"  "ftp"
>
>And here are the two drops referenced above.
>
>"21Feb2000"  "14:29:45"  "qfe5"  "m.n.o.p"  "drop"  "1090"
>"ftpsvr"  "ftpclient"  "tcp"  "34"  "32862"  "ftpsvr"  "fw"  "32862"  "44312"
>"21Feb2000"  "14:31:25"  "qfe5"  "m.n.o.p"  "drop"  "44312"
>"ftpsvr"  "fw"  "tcp"  "4"  "32862"  ""  ""  ""  ""
>
>Any and all help is much appreciated. Thank you all for 'listening'!
>Robert
