Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: FW and TCP Sessions

From: backup <backup () roc co in>
Date: Tue, 01 Jun 2004 18:43:38 +0530
Manoj Kumar Neelapareddy wrote:


Hi,

if a FW is said to be a stateful firewall, then will
it allow a TCP packet to pass through it(outbound), if
i haven't sent a TCP SYN to initiate a TCP Session
before sending this TCP packet?

I heard that Statefull firewall won't allow any TCP
packets, other than TCP SYNs to pass through it, if
there is no session corresponding a TCP packet is
maintained in FW's session table.

and FW will create a new session only when it detects
a TCP SYN.

is this correct?

comments plz.
NO, It wont allow until you have a policy configured. Policies are based on 5 tuples 
source IP, Destination IP, Source port, destination port and Protocol.
Again the polices are of two types- Inbound and outbound.
Depending up on the configured policy the traffic passes thro whether its inbound or outbound. 
Cheers,
-Ravi
ROCSYS Technologies Ltd.,
http://www.rocsys.com



thank u
Manoj


        
                
__________________________________
Do you Yahoo!?
Friends.  Fun.  Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/ _______________________________________________ 
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards





_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: