yes, my idea is to let pass the traffic necessary to continue working the application. Take off the contentions.
----- Original Message ---- From: sin <[EMAIL PROTECTED]> To: [email protected] Sent: Friday, January 4, 2008 7:59:02 PM Subject: Re: [FW-1] Check Point Drop out of state TCP packet Alex Hayes wrote: > I have severals messages of: > > TCP packet out of state: First packet isn't SYN; tcp_flags: RST > TCP packet out of state: First packet isn't SYN; tcp_flags: RST > TCP packet out of state: First packet isn't SYN; tcp_flags: RST > TCP packet out of state: First packet isn't SYN; tcp_flags: RST > TCP packet out of state: First packet isn't SYN; tcp_flags: ACK > TCP packet out of state: First packet isn't SYN; tcp_flags: RST > TCP packet out of state: First packet isn't SYN; tcp_flags: RST > TCP packet out of state: First packet isn't SYN; tcp_flags: RST > > Do you know why? maybe because a new tcp connection needs to have it's first packet with the SYN bit set and from what your logs say, the packets dropped don't have the SYN bit set. > > I read that I need to go to Policy ---Global Properties---- > Stateful Inspection and deselect the flag "Drop out of state TCP packet" yup, it will keep your logs clean. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ____________________________________________________________________________________ Never miss a thing. Make Yahoo your home page. http://www.yahoo.com/r/hs ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
