Post 4.1 SP3 requires a 4th packet after the 3-way handshake before adding to state This is how to restore to previous 3-way then add to state setting

Post 4.1 SP3 requires a 4th packet after the 3-way handshake before adding to state
This is how to restore to previous 3-way then add to state setting

To restore the pre-version 4.1 SP3 behavior, so the connection timeout will be measured from when the TCP handshake is complete.

To apply the change on Solaris:
a. Edit FireWall-1 module /etc/system
b. At the bottom, under the line: set test_module:debug = 0x13
Add: set fw:fw_old_established_accept = 1
c. Save the file
d. The change will take affect only after a reboot

16TH DEC 2002 JIM PARKER

< back