[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Unexplained log entries

To: fw-1-mailinglist@softwhisper.us.checkpoint.com
Subject: [FW1] Unexplained log entries
From: jvieira@dmr.com
Date: Mon, 26 Apr 1999 11:37:51 -0400


This weekend several ISPs started sending icmp and udp packets to my firewall
and the machines on my DMZ.  The logs showed that the packets were dropped.
However, later log entries showed that the firewall itself was replying to icmp
and udp packets to the same ip addresses that earlier were dropped.  Now if the
intial packets were dropped how did the FW know to reply to them?  Since I have
a rule that drop any packets originating from the FW the logs showed them as
dropped.  However, the logs also showed that the packets destined for the FW
were dropped aswell but obviouly that wasn't the case otherwise the FW would be
replying to them.

Can anyone tell me what these log entries mean.


Thanks,

Joe




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] Solstice FW1 3.0b under solaris 7
Next by Date: [FW1] Copy FireWall-1 Objects and Rules from FW-1 3.0a to 4.0SP2
Prev by thread: RE: [FW1] Solstice FW1 3.0b under solaris 7
Next by thread: [FW1] Unexplained log entries
Index(es):
- Date
- Thread