DLink firewall issues


I have DLF-1600 firewall working in transparent mode, all stateful connections are working brilliant, however for passive fingerprinting purposes I need to bypass stateful engine and forward packet straight to linux box. There is FwdFast rule, but it triggers only on incoming traffic, not outcoming. I've tried to make it together with SAT rule but no success. I've got two rules to accomplish it:

SMTP_in FwdFast any all-nets any IP_SMTP smtp SMTP_out FwdFast any IP_SMTP any all-nets smtp

And only first one is trigerred, although IP_STMP responses correctly, tcpdump from IP_SMTP IP > F 815:815(0) ack 293 win

65243 IP > . ack 816 win 6850

Could you please help me with this issue?

Best Regards, Tomasz

Reply to
Loading thread data ...

Did you contact the support from the vendor? BTW: which firmware are you running ..., and well a slight hint might be that Clavister introduced the pcap command in version 8.90 of their firewall core, which was released about 2-3 months ago.


I'd try 'help pcap' on the console.


Reply to
Wolfgang Kueter

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.