[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Pseudo Rules

To: undisclosed-recipients: ;, fw-1-mailinglist@lists.us.checkpoint.com
Subject: [FW1] Pseudo Rules
From: ian_cuthbertson@uk.ibm.com
Date: Tue, 9 Nov 1999 15:33:30 +0000




Can anyone explain the Psuedo Rule

Accept Outgoing packets

The FW1 Help says:

"On gateways, rules are usually enforced on the inbound direction only. When a
packet passing through a gateway leave a gateway, it will be allowed to pass
only if the following is true:

1. The accept outgoing packets property is checked
2. Rules are enfoced in both directions (eithebound) and rules are in place to
let packets leave the firewall".

My question is, if I have configued my rules to install on "Gateways" and they
apply inbound only (configured in policy properties). Therefore it should not be
checking packets leaving the gateway. Also this rule is configured last, which
is after a rule that states

Source Any
Destination Any
Service Any
Action Drop

So this rule will never be reached anyway. SO can I remove this rule without any
damage?

Thanks, Ian

Technical Directions and Enterprise, Geomar Technical Centre
ian_cuthbertson@uk.ibm.com




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] LDAP and Netware.
Next by Date: [FW1] CVP - Trend Viruswall - MS proxy timeout
Prev by thread: Re: [FW1] Pseudo Rules
Next by thread: Re: [FW1] Pseudo Rules
Index(es):
- Date
- Thread