Hello all --
I was browsing the web on mail archives and such; and came across
this... Does anyone know how this works... how to implement this?
At 07:29 5/08/98 -0700, blast wrote:
>On Wed, 5 Aug 1998, Udo Willke wrote:
>it would be very nice to have a feature by which
>you could send back a RST when denying a packet. This ofcourse would
be a
>keyword specified in coordination with some deny rule. If you really
want
>to get tricky, you can allow me to specify which idents I want to RST
close
>based on some previous Layer4 session that invoked the ident. :-)
>This way, the issue of latency caused by a hanging IDENT request would
be
>RST'ed closed as if the ident service was not available and the host's
kernel
>just sent you back the RST. (Checkpoint's Firewall-1 allows you to
specify
>a RST when denying certain packets by use of a keyword) Again, very
useful
>when a protocol is hanging and you just want to RST the darn thing
away.
I don't know exactly what this guy is talking about... Anyone have any
idea exactly how to go about this (if possible)? I am running
Checkpoint 4.1 SP2.
Thanks!
Cheers,
- John
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
