[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Logs messages, I'm confused ??
Make sure that all of the rules in that policy got applied to that particular firewall. If you have a mix of "gateways" and "specific-fw" in the "install-on" field, then you might have inadvertantly not applied certain rules to that firewall. Threfore the rule numbers wouldn't match up. Just one quick thought.... Jason Simon Guo wrote: > > I am more confused. > > I have a rule 7 allowing a service with a rang of ports. And the logviewer > shows the service ports are droped by rule 15 which is a "Accept" rule of > other src/des/service. > > Can anyone explain/speculate any possible cause of this? The service does be > affected and I want the service up. > > Thanks > > Simon > > -----Original Message----- > From: Sukhpreet Singh [mailto:[email protected]] > Sent: Friday, September 29, 2000 2:39 PM > To: 'John Gesualdi'; fw > Subject: RE: [FW1] Logs messages, I'm confused ?? > > They look like "drops" to me instead of "rejects". And seems like they're > being dropped because of your rule # 59. > > -----Original Message----- > From: John Gesualdi [mailto:[email protected]] > Sent: Friday, September 29, 2000 2:02 PM > To: fw > Subject: [FW1] Logs messages, I'm confused ?? > > I'm running FW1 4.0 SP5 on a Nokia. I have a Web server in my DMZ, I'm > noticing > allot of rejects in my logs for this web server. They look like these and > I'm > getting a whole bunch. The weird thing is that my site is up and I have not > gotten any complaints from users trying to access it. > > 21:59:59 drop frt >eth-s1p1c0 proto tcp src d181820ad.rochester.rr.com > dst > www service http s_port 2439 len 48 rule 59 > > 21:59:59 drop frt >eth-s1p1c0 proto tcp src cache-dg09.proxy.aol.com > dst > www service http s_port 50655 len 48 rule 59 > > The FW1 log viewer shows these coming from "daemon" and rule 0. Can someone > try > to explain this. I'm concerned that I may be losing hits. Thanks very much. > > -- > John Gesualdi > The Providence Journal Company > Phone> Pager> CCDP,CCNP > > ============================================================================ > ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ > ==== > > ============================================================================ > ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ > ==== > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|