Firewalls: re rule set

Firewalls
(February 1997)

Indexed By Thread: [Previous] [Next]

Subject:	re rule set
From:	Rudi Opperman <rudi @ magrat . asd . co . za>
Date:	Wed, 12 Feb 1997 13:18:26 +0000
To:	firewalls @ greatcircle . com

jeff <oliver @
 hg .
 uleth .
 ua> asked about the preferred order for the rule
set in fw-1 and someone answered that it starts at rule 1 and works its
way down until a condition is satisfied or the last rule is reached.

I hope i am not splitting hairs here but with solstice fw-1, things are
a little more complicated as there are control properties that form part
 of the rules.

I think the order works like this :
1. Control properties labeled FIRST are matched first.
2. Rule are matched according to the order in the rule base (except the
last rule)
3. Control properties labeled BEFORE LAST are then matched.
4. The last rule in the rule base is matched
5. Control properties labeled LAST are then matched.

To complicate mattters further there is an implicit LAST rule in the
 rule base that silently drops anything that hasn't been matched by any
of the above.

hope this helps
bye

rudi <rudi @
 magrat .
 asd .
 co .
 za>

Indexed By Date	Previous:	e-mail !!!!= HTML \:-\| From: daemond @ world2u . com
Indexed By Date	Next:	Problem in compiling FWTK From: Rafeeq Ur Rehman <rehman @ lhr . aster . com . pk>
Indexed By Thread	Previous:	Re: [NTSEC] NT Security list From: "David B. Donahue" <ddonahue @ emf . net>
Indexed By Thread	Next:	Problem in compiling FWTK From: Rafeeq Ur Rehman <rehman @ lhr . aster . com . pk>