I upgraded a Solaris 2.6 machine from 4.1SP1 with the Hotfix to SP2.
I immediately noticed that some external inbound connections that
worked fine before were being refused. I would get a rule 0 drop
with the message "unknown established TCP packet". The inbound connections
were for some standard TCP services as well as allowing for external FW1
connections from certain hosts to the management station/firewall (i.e.
no unusual protocols).

In the release notes, they talked about enhancements in SP2 to
prevent some "unauthorised packets" from getting through. They said
you could stop this "upgrade feature" by uncommenting the line
#define ALLOW_NON_SYN_RULEBASE_MATCH
I uncommented this and reloaded and the connections then worked.
Anyone seen this problem with SP2? Anyone know why the default
SP2 patch might behave this way?

Also, after doing the upgrade we've noticed that some outbound HTTP connections
sometimes just seem to stop. If you do a refresh in the web browser the
page comes through. We aren't using any of the content servers/proxies, so
I would think this must be packet related.
Any help/info/experiences anyone can provide would be greatly appreciated.
Thanks,
David Perlin
[EMAIL PROTECTED]