[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW1] - Is rule0 circumventing my alert rules?
>
>Currently we are running 3.0b on NT sp3. My mail command is this:
>
>sendmail -s Alert -t mymailserver.com -f Firewall-1
>chris-woods@forum-financial.com
>
>Running this from the command line works fine, however when I tried to test
>my new rules
>by trying to remotely connect to the FW running a service I am looking for,
>I get no mail alert.
>
>I am wondering if rule 0 is somehow circumventing this?
>
As a general rule whenever I run something from cron or from a firewall
alert I always put the full path to any command that I use because I am not
sure of the setting of the PATH environment variable (e.g. /sbin/sendmail
instead of just sendmail). Another thing to do is to add a line to your
alert script that creates a file in /tmp when the script runs (e.g.
/bin/echo/ "Hello there" >/tmp/status). When you think the script should
have been run check for the presence of the file in /tmp. If the file isn't
there then your script was not run and you have to figure out why. If the
file is there then the script was run and you have to figure out what is
wrong with your sendmail command.
Just some debugging techniques that I use,
Ken G.
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================