[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] ICMP Type 3 packets getting through Rule 0

To: Doug.Whittier@leg.bc.ca, fw-1-mailinglist@lists.us.checkpoint.com
Subject: Re: [FW1] ICMP Type 3 packets getting through Rule 0
From: Dameon Welch <dwelch@hotmail.com>
Date: Fri, 23 Apr 1999 23:44:21 PDT


>The log shows that these packets are 'icmp-type 3 icmp-code 3' and
>'icmp-type 3 icmp-code 13'
>
>Our policy properties has ICMP disabled, so I would expect these
packets
>to be stopped by Rule 0 (the policy properties).

Unchecking ICMP in the Rulebase Properties does not automatically
"drop" something. By unchecking something from Rulebase Properties,
you are simply allowing the packets to pass through the rulebase
normally. 

Drops on Rule 0 come from anti-spoofing or authentication violations.

-- PhoneBoy


_______________________________________________________________
Get Free Email and Do More On The Web. Visit http://www.msn.com


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] Enabling GRE Protocol 47 for PPTP on FW1
Next by Date: [FW1] Re:
Prev by thread: Re: [FW1] ICMP Type 3 packets getting through Rule 0
Next by thread: Re: [FW1] ICMP Type 3 packets getting through Rule 0
Index(es):
- Date
- Thread