Hello,
I am hoping someone could help me understand the logic of a negate
in a DROP rule.
I have a similar rule which is as follows (IPs have been replaced):
Source Dest. Service. Action.
10.10.10.1 192.168.10.1 http Drop.
negated(X)
>From my understanding, this means all addresses EXCEPT 10.10.10.1
will be dropped. This part I understand.
However, does this mean that 10.10.10.1 will be ACCEPTED for http?
i.e. - in a negate rule, are there two parts to the logic? The first
part says all addresses except the negated one will be dropped, and
the next part says the negated will be accepted?
OR, will i need to put in another rule to allow 10.10.10.1 to go to
192.168.10.1 for http?
I am doing a negate to save having to put two rules in. What my
objective is drop all traffic for http to the 192.168.10.1
(inside my LAN) from the Internet, EXCEPT I still want 10.10.10.1
(an internet address) to be allowed.
If anyone understands exactly how negate works in a drop rule, I
would truly appreciate an explanation. (i don't have any test
machines to try this out)
Thanks!
:)
-Clarrisa
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
