Firewall-1
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [FW-1] Protocol Inspection

from O'Flynn, Derek [Permanent Link]
Subject: Re: [FW-1] Protocol Inspection
From: "O'Flynn, Derek" <DOFlyn AT LSUHSC DOT EDU>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Wed, 22 Dec 2004 12:47:43 -0600 
Yes, I believe you can create a new service called HTTP_NoInspect, and
uncheck match for any, and select the protocol inspection to none.

Setup your rule:
Src -> Dst -> HTTP_NoInspect -> Accept

This should pass it through without inspect.  However, from some testing
that I've done recently (possibly a bug in my config) the HTTP worm catcher
seems to ignore this and still inspects the packets.

Thanks,

Derek O'Flynn
Enterprise Information Security
LSU Health Sciences Center
doflyn AT lsuhsc DOT edu (504)568-6130

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Eric 
Gomes
Balcone
Sent: Tuesday, December 14, 2004 2:27 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Protocol Inspection

      I configured smartdefense, HTTP Protocol Inspection, Configurarions
apply to all Conections and Perform strict Protocol enforcement. I need
that only one site is not checked by HTTP Protocol Inspection.

      Is it possible?


Regards
Eric

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [FW-1] Failed to match proposal, Robert Fowler
Next by Date:  Re: [FW-1] Long Distance Redundancy, GoddardM
Previous by Thread:  [FW-1] Voice over IP (R55), theG man
Next by Thread:  Re: [FW-1] Voice over IP (R55), Hal Dorsman
Indexes:  [Date] [Thread] [Top] [All Lists]