On Fri, 11 Aug 2000, Robert MacDonald wrote:
> Now, with that said, your right, the firewall should add
> this connection back to the state table. But I'm wondering
> who is terminating the connection. What does the fw log
> say happens to this connection(e.g. what happens to the
> very next packet the firewall sees from this application) after
> the rulebase is installed?
I show an accept. IIRC wasn't there a similar problem with Citrix or MS
Term Serv users - that a policy install would break their connection? I
guess I am just looking for clues as to what makes Haht's protocol
different from say secure shell, which doesn't drop a conenction with a
new policy install.
> How long does it take to compile & install the
> rulebase? Timeout issue?
Actually that could be a possibility, because it does take a few seconds
(< 15) for a new policy to get compiled and installed.
Thanks for the reply!
Matt
--
Matthew S. Cramer <[EMAIL PROTECTED]> Office: 717-396-5032
Lead Security Analyst Fax: 717-396-5590
Armstrong Information Technology Services Pager: 888-769-9367
Armstrong World Industries, Inc. Cell: 717-951-0141
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
