Felipe Almeida a écrit :
Hi,
This is my frist post on this list. I got a problem with SmartDefense.
Some weird stuff is happening with it. Even if I disable the
SmartDefense on my gateway, some rules are applied and I cannot have
some basic services, such as FTP, working.
The basic FTP through a text interface isn't workin anymore. I got a
messages like:
IP address mismatch in port/227 command - header IP different from
command IP
The packet was modified due to a potential Client 227 Intrusion Attack
Port/227 command missing a newline character
There wasn't any significang changes on the firewall or SmartDefense.
It worked before and suddenly it starts to happen.
Is there a way to completely disable SmartDefense from my FW1 so I can
check if the FTP will work?
the best is to declare another service with the same destination port,
and don't specify the application type.
if this servcie is matched, there shouldn't be any smartdefense check
based on the application.
this is the best way I found to "disable" smartdefense for only a set of
src/dst/port.
It won't be a good idea to completely disable smartdefense.
Scanned by Check Point Total Security Gateway.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
