Great Circle Associates Firewalls
(June 1996)
 


Subject: Re: Firewall-1 and Gauntlet
From: todd @ momentum . com . au (Todd Hooper)
Date: Mon, 3 Jun 1996 14:19:24 +0800
To: Firewalls @ GreatCircle . COM

Jean-Christophe Touvet <jct @ edelweb . fr> writes:

> As far as I know, this is a Firewall-1 bug. The reason is that Gauntlet used
> to split its PORT commands in two packets (two write() system calls). Since
> Firewall-1's filtering code works only with one packet at once, it fails. TIS
> guys wrote some patches to solve this problem (contact your Gauntlet reseller),
> but IMHO that's really a packet filtering design problem: how do you inspect
> data when it doesn't fit in the same packet? Of course, you could keep data
> in your state machine, but in that case you've just written a proxy. Any
> comments?

Isn't that one of the issues (specifically, the problems with TIS and Gauntlet
ftp) that Checkpoint fixed in Firewall-1 version 2.0d?

Regards,

Todd

--

Todd Hooper                            Internet  : todd @ momentum . com . au
Internet and Open Systems Division     Phone     : 09 429 6000
AlphaWest Pty Ltd                      Fax       : 09 429 6030
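
The failure described in the quoted message, as an added example that is not part of the original post or of either product's code: a check that parses each segment alone misses a PORT command split across two writes, while a per-connection buffer recovers it. The sample segments, the 512-byte cap and all names are constructed for illustration, and segments are assumed to arrive in sequence order.

```python
import re

# PORT argument is h1,h2,h3,h4,p1,p2 (RFC 959); a command ends with CRLF.
PORT_RE = re.compile(rb"^PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),"
                     rb"(\d{1,3}),(\d{1,3})\r\n$", re.I)

def parse_port(line):
    """Return (ip, port) for one complete PORT command line, else None."""
    m = PORT_RE.match(line)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def per_packet_inspect(segments):
    """Look at each segment on its own, as a one-packet-at-a-time filter does."""
    return [r for r in map(parse_port, segments) if r]

class ControlStream:
    """Keeps unparsed control-channel bytes for one connection between segments."""
    MAX_LINE = 512  # assumed cap so the buffered state cannot grow without bound

    def __init__(self):
        self.buf = b""

    def feed(self, segment):
        self.buf += segment
        found = []
        while b"\r\n" in self.buf:
            line, self.buf = self.buf.split(b"\r\n", 1)
            r = parse_port(line + b"\r\n")
            if r:
                found.append(r)
        if len(self.buf) > self.MAX_LINE:
            raise ValueError("unterminated control line too long")
        return found

def stream_inspect(segments):
    """Feed segments, assumed already in sequence order, through one buffer."""
    stream = ControlStream()
    return [r for seg in segments for r in stream.feed(seg)]

# Constructed sample: the same command sent with one write() and with two.
WHOLE = [b"PORT 192,0,2,10,4,1\r\n"]
SPLIT = [b"PORT 192,0,2,", b"10,4,1\r\n"]
```

The buffer held between segments is the state the quoted message refers to; the length cap bounds what the inspector has to hold per connection.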



