Firewall-1 Behavior Receiving and Sending to Same Segment

If Firewall-1 on Windows receives a packet on a segment that is destined for the same segment, will the packet be subjected to the Firewall-1 rules before it is (possibly) passed back to the segment?

Reply to
Will
Loading thread data ...

In article you wrote: : If Firewall-1 on Windows receives a packet on a segment that is destined for : the same segment, will the packet be subjected to the Firewall-1 rules : before it is (possibly) passed back to the segment?

No. This is something that used to be possible in some ancient versions of firewall-1, but no more. The reason for this is that the OS might issue an icmp redirect packet to the host which in turn will create a temporary static route and then this trafic will bypass the firewall totally.

Lars

Reply to
larstr

So what is the current behavior? The packet is automatically deleted or passed?

Reply to
Will

Will wrote: : So what is the current behavior? The packet is automatically deleted or : passed?

The packet is dropped.

Lars

Reply to
larstr

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.