Checkpoint firewall

neo77777 · 10-13-2003, 10:31 PM

We just finished deploying new Nokia appliances as our firewalls with Checkpoint NG AI, and here I got a blocked query in the logger - X11 is not allowed through service "* any". Please create an earlier rule to explicitely allow X11 service. How's that for any rule. Checkpoint has no explanation yet.

jeremy · 10-13-2003, 10:55 PM

This is a feature - FW1 (as of NG FP3) now blocks X11 even on an any rule. You have to create a rule to explicitly allow it. You can also use dbedit to set "reject_x11_in_any" to false, but do so at your own risk.

--jeremy