Hi All, I have a few problems with fw-1 4.1 running on Solaris 2.6. I have installed the fw-1 module and the client gui module on a Solaris machine running the end-user package distro. There is no problem putting in rules etc. But an error message would pop up at the terminal window (where I typed fwpolicy) when I double-clicked on the firewall workstation object that I have created. Other normal objects such as resources, group or workstation would not cause any error messages. For some reason, it only occurs on the firewall object. After quitting from the firewall object panel window, I would not be able to run "install the policy" (I get kicked out to terminal window actually). What I normally do is instead of running "installing the policy" I quit fwpolicy after changing any settings (spoofing for example) on the firewall object. I then run fwpolicy again and straight away run "install the policy". I can of course always start/stop the firewall. Anyway, the error msg is as follows: "OLE API Function CoCreateGuid is not currently implemented. Further warnings would be suppressed" The next problem I have is after running "fwstart", I found from running lsof a whole bunch of ports the fw is listening!!. I have double check to ensure that the fw is not accepting connections at it's control port under properties settings. Only allowed udp. Anyhow this are the ports I saw fw listening: 257 256 265 259 264 41647 41648 41649 41650 41651 41652 900 18183 18184 258 18185 847 848 925 926 Of course one can always argue to always include the first/second rule whereby no connection can be made to the fw and vice versa. But I just don't understand checkpoint why it made fw-1 to run so many ports especially as I'm only getting a fw-1 module, no vpn or any other stuff. Just a plain old firewall... no remote access either. And since I already have disabled the control/connection ports, why still listen to 256 and 257. Next, I noticed the moment I quit from the fwpolicy menu a process is executed. Running lsof tells me it's called windu_reg... and always listening to random ports. running ps -ef shows me a process called: windu_registry42 -vers 2 -prog -8 05502977 -d / -k I also notice after a while (no idea how long... definitely not a few minutes} the process would be gone. So what gives??? registry... geez, I'm running unix here!. I suspect this have got to be the x-motif gui client package. Ok, last problem I encounter is the http proxy. Whenever I tried using proxy resource, there are some problems displaying certain sites. One good example is www.register.com. When I key in a domain name to register, it would give me a blank page, which is a cgi btw. If I do not use the http proxy, I encounter no problems whatsoever. For the proxy, I did not enable stripping applets or activeX stuff. I did check all the fields such as get,post,head etc. Sorry if I was getting long winded. I would appreciate it if anyone can shed some light into my probs here. Thought I would ask here first before heading into the fw-1 mailing list. TIA. Rgrds, Wong. - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
