Hi all,
I've got some questions about Checkpoint Fw4.1
a) I installed my rulebase and everything works as it should... for a
couple of days. Suddenly (nothing changed) I couldn't resolve any internet
names anymore (caching-only DNS server) (all the rest is working) and I see
nothing unusual in the logs (no denied or rejected packets). When I
uninstall the rule and put in a rule that allows everything, it works again. I
didn't change anything in the implied rules. What could cause this?
(I run Checkpoint 4.1(2000) on Linux 6.2, kernel 2.2.14-5.0.)
b) I see something strange in my fw-log:
When people surf the web, everything is OK, but on a regular basis I get a
"reject" for http, while the other packets of those connections
are accepted (as they should be). The interface that rejects is "daemon".
See part of the log below:
NO. Date Time Inter. Origin Type Action Service Source Dest. Proto. Rule S_Port
...
565 23aug2000 11:41:28 -> eth2 fwall log accept http client dest tcp 1 27772
566 23aug2000 11:41:28 -> eth2 fwall log accept http client dest tcp 1 27777
567 23aug2000 11:41:29 -> eth2 fwall log accept http client dest tcp 1 27772
568 23aug2000 11:41:36 -> daemon fwall log reject http client dest tcp 0 27795
...
This happens very frequently (also with other protocols)...
Is there somebody who can explain what this means?
Thanks,
Tom