[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Logs messages, I'm confused ??
Thank you for all the response. I am really moved. My problem is solved by reconfigure the route of the hosts: The traffic is not going the intended gateway so it was dropped by an unexpected rule. Really amussing. Thanks all again. -----Original Message----- From: Cihan Subasi (Garanti Teknoloji) [mailto:[email protected]] Sent: Saturday, September 30, 2000 3:32 PM To: 'Simon Guo '; ''Sukhpreet Singh' '; ''John Gesualdi' '; 'fw ' Subject: RE: [FW1] Logs messages, I'm confused ?? I am heaving same problem as well, you have permit rule but the session goes all the way down and hits the drop all rule..But I think intsalling the rule one more time solves the problem..(that should be a bug of SP2) -----Original Message----- From: Simon Guo To: 'Sukhpreet Singh'; 'John Gesualdi'; fw Sent: 29.09.2000 22:35 Subject: RE: [FW1] Logs messages, I'm confused ?? I am more confused. I have a rule 7 allowing a service with a rang of ports. And the logviewer shows the service ports are droped by rule 15 which is a "Accept" rule of other src/des/service. Can anyone explain/speculate any possible cause of this? The service does be affected and I want the service up. Thanks Simon -----Original Message----- From: Sukhpreet Singh [mailto:[email protected]] Sent: Friday, September 29, 2000 2:39 PM To: 'John Gesualdi'; fw Subject: RE: [FW1] Logs messages, I'm confused ?? They look like "drops" to me instead of "rejects". And seems like they're being dropped because of your rule # 59. -----Original Message----- From: John Gesualdi [mailto:[email protected]] Sent: Friday, September 29, 2000 2:02 PM To: fw Subject: [FW1] Logs messages, I'm confused ?? I'm running FW1 4.0 SP5 on a Nokia. I have a Web server in my DMZ, I'm noticing allot of rejects in my logs for this web server. They look like these and I'm getting a whole bunch. The weird thing is that my site is up and I have not gotten any complaints from users trying to access it. 21:59:59 drop frt >eth-s1p1c0 proto tcp src d181820ad.rochester.rr.com dst www service http s_port 2439 len 48 rule 59 21:59:59 drop frt >eth-s1p1c0 proto tcp src cache-dg09.proxy.aol.com dst www service http s_port 50655 len 48 rule 59 The FW1 log viewer shows these coming from "daemon" and rule 0. Can someone try to explain this. I'm concerned that I may be losing hits. Thanks very much. -- John Gesualdi The Providence Journal Company PhonePagerCCDP,CCNP ======================================================================== ==== ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ======================================================================== ==== ==== ======================================================================== ==== ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ======================================================================== ==== ==== ======================================================================== ======== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ======================================================================== ======== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|