In testing a Soltice's firewall-1 (release 2) I found the following:
The firewall's filter rules block all inbound traffic, inculding ICMP
packets. However, when pinging the firewall with ping -l 70000,
firewall-1's GUI somehow seemed to crash as well as all the filter
At the same time with pinging I was able to telnet to the firewall and
thus bypass the filter rules (which seem to be crashed with the GUI).
After several minutes the GUI came back to life as well as the filter
rules, but it was to late by then!!!
More tests seem to reveal there's a problem with the logging facilities
of FW-1. It was so busy logging the ping, it "forgot" to do anything
Can somebody help me out on this one? Has anybody encoutered the same
thing happening? Is it a problem with FW-1's use of syslog or is it a
Thanks in advance,
KPMG EDP Auditors