Raptor Firewall problem

["Chris Hughes" <chughes () rpm com>]

I've run into a problem with the Raptor firewall (version 4) today 
denying some traffic that has been working fine.  Impact: POP (110), AOL 
(5190), and Notes (1352) at least.  WWW and SMTP are fine.  The rules with 
explicit permission for the affected TCP ports are still in place.  The 
entities (users IP networks) are still in place.   Raptor is 
intermittently logging the denials of 'no rule'; other times he blocks the 
passage without logging.   Client sniffing shows client sends SYN, then 
Raptor on behalf of remote host IP address sends back RST.  There are 4-5 
retries. No sessions can complete.

> From a Root login on the firewall, I *CAN* telnet to target hosts and 
specify those ports.  I don't know if this bypasses all rules processing 
or not.  Sounds clearly to be a Firewall problem.

This problem just came up today. The same ports worked fine yesterday. 
Don't know what could have triggered this. Customer has a scheduled change 
control to reboot tonight to try to get past this.  For some reason 
they're reluctant to contact Raptor for help.

Has anyone run into this?  found a fix (not just a reset)?
_____________________________________________
Chris Hughes 
Internetworking Consultant         

RPM Consulting 
A Network Solutions Subsidiary of Computer Horizons
http://www.rpm.com  http://www.computerhorizons.com

Office: 410-309-6000  1-800-776-0073
Email: chughesnospam () rpm com
_____________________________________________