[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW1] Pseudo Rules
Hello,
this rule may help you if you enforce the eitherbound.
we had the same here, the rule is eitherboud, the last rule is any-any-any-drop
and we "unchecked" this pseudo rule saying that the outgoing packets are
allowed.
It's working fine, no problem for us.
Patrick
ian_cuthbertson@uk.ibm.com wrote:
>
> Can anyone explain the Psuedo Rule
>
> Accept Outgoing packets
>
> The FW1 Help says:
>
> "On gateways, rules are usually enforced on the inbound direction only. When a
> packet passing through a gateway leave a gateway, it will be allowed to pass
> only if the following is true:
>
> 1. The accept outgoing packets property is checked
> 2. Rules are enfoced in both directions (eithebound) and rules are in place to
> let packets leave the firewall".
>
> My question is, if I have configued my rules to install on "Gateways" and they
> apply inbound only (configured in policy properties). Therefore it should not be
> checking packets leaving the gateway. Also this rule is configured last, which
> is after a rule that states
>
> Source Any
> Destination Any
> Service Any
> Action Drop
>
> So this rule will never be reached anyway. SO can I remove this rule without any
> damage?
>
> Thanks, Ian
>
> Technical Directions and Enterprise, Geomar Technical Centre
> ian_cuthbertson@uk.ibm.com
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================