[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [FW1] Pings in log file
I agree this is pretty dumb. Do you know of anyone who may have written some
procedure to eliminate the Properties Dialog screen and input the proper rules
in the rule base? I'm not sure I want to do this without some guidance.
JP
"McMeekin, Scott" <Mcmeesm@rbos.co.uk> on 11/05/99 11:27:31 AM
To: fw-1-mailinglist@lists.us.checkpoint.com
cc: (bcc: James J. Previti/Telecom/Philadelphia/Fiserv)
Subject: RE: [FW1] Pings in log file
Heh no. This is the most common misconception among FW-1 admins. You would
have THOUGHT that it would have been perfectly logical to log the traffic.
When would you EVER not want to log the traffic? I'll specify in my rule
base if I feel that something doesn't need to be logged.
Do yourself a MAJOR favor - disable everything in the policy options dialog
and go through the hell (if you're new to the product) that is getting the
rules specified to do it all manually. I don't know what Checkpoint were
smoking when they implemented that particular bit of FW-1, but I'd like
some.
Especially, get rid of the "accept UDP replies" and the like - it makes
debugging
a complete bloody nightmare when nothing gets logged and you end up thinking
you
have some kind of routing problem.
Checkpoint - PLEASE FIX THIS - you know it makes sense.
Scott.
-============================-
Scott McMeekin (x25086)
Senior Technical Analyst
IT Telecoms
The Royal Bank of Scotland
Phone: +44(0)1315235086
Email: mcmeesm@rbos.co.uk
-============================-
> -----Original Message-----
> From: james.previti@fiserv.com [SMTP:james.previti@fiserv.com]
> Sent: Friday, November 05, 1999 4:05 PM
> To: Roy Culley; fw-1-mailinglist@lists.us.checkpoint.com
> Subject: Re: [FW1] Pings in log file
>
>
> *** Warning : this message originates from the Internet ****
>
>
>
>
> Yes... this is true, but I though the packets would still be logged.
>
>
>
>
>
>
> Roy Culley <tgdcuro1@gd2.swissptt.ch> on 11/05/99 10:58:02 AM
>
> To: James J. Previti/Telecom/Philadelphia/Fiserv@Fiserv
> cc:
>
> Subject: Re: [FW1] Pings in log file
>
>
>
>
>
> > Can anyone tell my why pings through a firewall would not be displayed
> in a
> log
> > file?
>
> Because you have 'Accept icmp' enabled in your fw-1 Properties...?
>
>
>
>
>
>
>
> ==========================================================================
> ======
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ==========================================================================
> ======
The Royal Bank of Scotland plc is registered in Scotland No 90312. Registered
Office: 36 St Andrew Square, Edinburgh EH2 2YB.
The Royal Bank of Scotland plc is regulated by IMRO, SFA and Personal Investment
Authority.
This e-mail message is confidential and for use by the addressee only. If the
message is received by anyone other than the addressee, please return the
message to the sender by replying to it and then delete the message from your
computer.
'Internet e-mails are not necessarily secure. The Royal Bank of Scotland plc
does not accept responsibility for changes made to this message after it was
sent.'
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================