[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] install policy drops connections ?
This is the version I'm using on Solaris This is Check Point VPN-1(TM) & FireWall-1(R) Version 4.1 Build 41489 [VPN + DES] kernel: Version 4.1 [VPN + DES] Build 41487 I've written a little perl script to track connections with the command "fw tab -t connections" and this is what happen when I install a policy (at 11:54:24 for the example below).
MAX = max number of configured connection TOT = number of connections in connections table ATTIV = active connections (not used for a time < timeout/3) CLOSED = connections closed (with timeout changed to 50s) NOTUSE = connections not used for a time > timeout/3 , so I think these connections will passed to close without receiving a FIN packet ESTERN = inbound connections PRODUZ = internal traffic NAVIG = our navigation I see a big change in number of connections when I installed a new policy (see the line with ---) and the numbers seems to say that all the connections where purged from the hash table. So, because I'm new to Checkpoint administration, - what's happen ? - Is there documentation about it ? - Is there a configuration tips for mantain connections during policy installation ? ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|