If Firewall-1 on Windows receives a packet on a segment that is destined for
the same segment, will the packet be subjected to the Firewall-1 rules
before it is (possibly) passed back to the segment?
--
Will
In article
: If Firewall-1 on Windows receives a packet on a segment that is destined for
: the same segment, will the packet be subjected to the Firewall-1 rules
: before it is (possibly) passed back to the segment?
No. This is something that used to be possible in some ancient versions
of firewall-1, but no more. The reason for this is that the OS might
issue an icmp redirect packet to the host which in turn will create a
temporary static route and then this trafic will bypass the firewall
totally.
Lars
news:efc2m9$v7u$1@bork.aitel.hist.no...
> In article
> : If Firewall-1 on Windows receives a packet on a segment that is destined
for
> : the same segment, will the packet be subjected to the Firewall-1 rules
> : before it is (possibly) passed back to the segment?
>
> No. This is something that used to be possible in some ancient versions
> of firewall-1, but no more. The reason for this is that the OS might
> issue an icmp redirect packet to the host which in turn will create a
> temporary static route and then this trafic will bypass the firewall
> totally.
So what is the current behavior? The packet is automatically deleted or
passed?
--
Will
Will
: So what is the current behavior? The packet is automatically deleted or
: passed?
The packet is dropped.
Lars