Great Circle Associates Firewalls
(December 1996)
 


Subject: 2 questions re:fw-1
From: "Martin C. Walker" <martinw @ epcorp . com>
Date: Mon, 02 Dec 1996 10:23:15 -0500
To: Firewalls @ GreatCircle . com

Running FW-1 v2.1 on Solaris 2.5 x86.  I have 2 questions

1.  Where in the hierarchy of things that FW does is NAT applied on both
     the inbound and outbound (wrt the packet direction) interfaces?  I have
     "inbound" set in my properties.  Am I correct in thinking that, for a
     forward moving packet outbound from the internal network the following
     happens:

packet reaches fw-1 internal interface
anti spoofing applied
items marked "first" in security policy properties
rule base except for last rule
items marked "before last" in security policy properties
last rule of rule base
items marked "last" in security policy properties
implicit drop
nat
packet leaves external interface
(boldly going where no packet has gone before)

2.  At what level does snoop work on the fw-1 machine wrt the FW-1
    actions, i.e. will snoop only see packets that make it through the
    first 8 things above?
------------------------------------------------------------------------
Martin C. Walker                        martinw @ epcorp . com
Project Lead                                    Voice:     (513)629-2517
Eagle-Picher Industries                           Fax:     (513)629-2449
580 Walnut St, Cincinnati, OH 45202             

