You could try defining a new TCP service for port 1863 and leave the protocol type set to none and use this in your rule. In R65 you have an option to exclude certain services from peer to peer sharing, even tough with no SD profile one would not expect to see a drop due to SD.
-GS -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Martine Pablo Sent: Tuesday, April 15, 2008 5:47 PM To: [email protected] Subject: [FW-1] Smartdefense Hi: i have disabled on global properties smart defense and apply changes but in the smart tracker i can see thats is running and reject MSNMS packets Whow i can stop the smartdefense? Thanks Pablo ------------------------------------------------------------------------ --------------- Number: 237567 Date: 15Apr2008 Time: 18:18:39 Interface: eth2 Origin: firewall Type: Log Action: Drop Service: MSNP (1863) Source Port: 7405 Source: PcProxy Destination: 207.46.26.119 Protocol: tcp Attack: Malformed MSNMS packet Attack Information: Illegal command length Product: SmartDefense SmartDefense Profile: No Protection Policy Info: Policy Name: Standard_1 Created at: Tue Apr 15 15:11:25 2008 Installed from: firewall ------------------------------------------------------------------------ --------------- Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
