Re: [FW1] ftp problems :ftp.compaq.com

Thu, 21 Sep 2000 13:00:02 -0700 


To gain access to ftp.compaq.com and ftp.oracle.com,
I had to apply BOTH newline patches to base.def in
FW v4.1, SP2.

The checkpoint support references are

10043.0.7772541.27119
10043.0.7802303.27134

nyland# diff -b /etc/fw/lib/base.def.orig /etc/fw/lib/base.def
560c560,563
< #define FTPPORT(match)        (call KFUNC_FTPPORT <0x1|(match)>)
---
> // 28aug2k, g.polanski, suppress mandatory newline based upon
> //    checkpoint FTP to some servers fails (10043.0.7802303.2713413)
> //
> // #define FTPPORT(match)     (call KFUNC_FTPPORT <0x1|(match)>)
565c568
< // #define FTPPORT(match)     (call KFUNC_FTPPORT <(match)>)
---
> #define FTPPORT(match)        (call KFUNC_FTPPORT <(match)>)
567c570,575
< #define FTP_ENFORCE_NL 
---
> // 28aug2k, g.polanski, eliminate definition of FTP_ENFORCE_NL
> // 29aug2k, g.polanski, not effective to ftp.compaq.com, so put back
> // 20sep2k, g.polanski, put comment in front of #define
> //    FTP to specific servers fails (10043.0.7772541.2711982)
> //
> // #define FTP_ENFORCE_NL 



McElroy Richard C wrote:
> 
> We ran into a similar problem trying to FTP through the firewall both
> ways. File size did not matter 110 kb or 50 mb. Our issue was an
> intermittent problem that was fairly hard to replicate. Sometimes it
> would not have a problem sometimes it would. Passive and active didn't
> matter nor did the TCP high ports fix that Checkpoint suggested. We did
> a TCP dump and it seems as if the Firewall as accepting a FIN ACK before
> all of the data was passed through. At first we thought it was a problem
> with the way the FTP servers TCP/IP stacks were configured but alas this
> was not the case the same issue arose when using a SUN server as an FTP
> box. Finally we looked into the inspect code that Checkpoint uses but
> could not track down the issue. I don't know if any of this helps but
> maybe some one actually figured out what was going on.
> 
> Rick
> 


_______________________________________________________________
Greg Polanski                    mailto:[EMAIL PROTECTED]
ADC Telecommunications, Inc.     952-946-2270
MS 85                            952-946-2465 FAX
PO Box 1101                      612-538-1833 pager
Minneapolis, MN  55440-1101      [EMAIL PROTECTED]
_______________________________________________________________


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to