Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

R: R: PIX dropping packets with source port 80

From: <edp.lists () acerbis it>
Date: Thu, 27 May 2004 15:03:11 +0200
 
Ok.

I think that the issue is related to some quirkiness of the tcp socket close
(because all seems working)
: the pix could close the translation slot before the complete handshake is
completed thus denying the last peer packet, *BUT* we can't say more until
you provide a detailed packet trace of the communication involved, could be
also a misbehaving tcp stack.


bye

-----Messaggio originale-----
Da: LazloCarreidas () netscape net [mailto:LazloCarreidas () netscape net] 
Inviato: giovedì 27 maggio 2004 10.26
A: edp.lists () acerbis it
Oggetto: RE: R: [fw-wiz] PIX dropping packets with source port 80

Hi

<edp.lists () acerbis it> wrote:


Don't be misled by port 80, could be really junk traffic and the pix 
correcly detect that as such (in fact you report no problems in using 
the proxy).


I understand that. The fact is that I can prove that the proxy opens the
connection outside to a specific address, and then some packets back are
dropped from the same address. For example, the connection open at 14:04:02
and packets are dropped at 14:04:04...


If you want only get rid of the message, just disable it with the "logging"
command or set the message 106023 to another syslog level (less priority).
i.e. "logging message 106023 level 7" or "no logging message <n>"


No so simple. The 106023 message is for every dropped packet, and I want to
keep the other ones...

Thanks for the help

  Lazlò


__________________________________________________________________
Introducing the New Netscape Internet Service. 
Only $9.95 a month -- Sign up today at http://isp.netscape.com/register

Netscape. Just the Net You Need. 

New! Netscape Toolbar for Internet Explorer Search from anywhere on the Web
and block those annoying pop-ups.
Download now at http://channels.netscape.com/ns/search/install.jsp

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: