Kevin,
The port is the service port number defined either in fw-1 or the
services file and refers to the service the client is requesting.
The s_port is the client source port used or established in the
three way handshake.
For example you can test this yourself. Start a telnet session to
or through the fw and then check the local client netstat for
that connection. Also look in the fw log and match it up.
You'll see that port is 'telnet' or '23'(if that's what your is...)
and the s_port will match your local client netstat output.
If your NATting, then you'll see in the xlate... columns the
port translation also. You get a fair amount of data in the
log viewer, and once you understand what your looking
at, a fair amount of information.
Did this make sense?
Robert
- -
Robert P. MacDonald, Network Engineer
e-Business Infrastructure
G o r d o n F o o d S e r v i c e
Voice: +1.616.261.7987 email: [EMAIL PROTECTED]
>>> "Kevin Leong" <[EMAIL PROTECTED]> 6/19/00 10:56:39 PM >>>
>
>Hi all,
>
>What is the differences between the port and the source port range? I have
>seen the log viewer and the port is the services used, but the source port
>is always different although I am using the same service. Could anyone out
>there please clear my mind about this?? Thanks.
>
>Kevin
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
