[FW-1] Basic Rule Question

Subject:	[FW-1] Basic Rule Question
From:	John Lindblom <jlindblom AT MICO DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Thu, 22 Dec 2005 10:17:41 -0600

Just need some clarification on this, I'm by no means an expert with
Firewall-1.

If I have a rule like this "Internal-net"  "ANY"  "ANY"  "ACCEPT", I'm
assuming this would mean internal users have access to the internet and the
DMZ because of the destination "ANY" is this correct?  If this is correct,
I would need a rule before this one "Internal-net"  "DMZ"  "ANY"  "DROP" to
block access to the DMZ net right .

John

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Basic Rule Question, John Lindblom <= Re: [FW-1] Basic Rule Question, Ramakrishnan Pillai Re: [FW-1] Basic Rule Question, Braintek Re: [FW-1] Basic Rule Question, Ramakrishnan Pillai

Previous by Date:	[FW-1] Firewall dropping packets, Tauseef Khan
Next by Date:	[FW-1] Checkpoint Express CI R57 content inspection problem, Eren Sonmez
Previous by Thread:	[FW-1] Firewall dropping packets, Tauseef Khan
Next by Thread:	Re: [FW-1] Basic Rule Question, Ramakrishnan Pillai
Indexes:	[Date] [Thread] [Top] [All Lists]