[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [FW1] Accept ICMP vs. Accept "Last"
either way you do it, acceptICMP means it will be handled at the policy
property level
1) First means icmp will be passed before it hits ANY rules.
2) Before last is before your cleanup rule (so it won;t be logged)
3) Last is after all your defined rules.
I wouldn't suggest setting it to first. Tailor for what you need.
You can also uncheck the implied policy and make sure own rule.
Thomas Poole
-----Original Message-----
From: Kristy Davis [mailto:Kristy_Davis2@excite.com]
Sent: Monday, March 20, 2000 10:41 AM
To: fw-1-mailinglist@lists.us.checkpoint.com
Subject: [FW1] Accept ICMP vs. Accept "Last"
hello
what is the difference between disabling "Accept ICMP" in the properties
menu vs. setting it to "Last". If I set it to "Last", it will never fire,
and if I uncheck "Accept ICMP", it will disable it as well. In both cases,
the firewal will not return "echo reply" packets. So what is the
difference? Would appreciate if someone could explain.
thanks
-kristen
_______________________________________________________
Get 100% FREE Internet Access powered by Excite
Visit http://freelane.excite.com/freeisp
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
|
