Forum Replies Created
Hi.
Please describe how you are trying to set up NAT in NeT Firewall. The procedure is different than in IG.
You can also read the help on how to do it.
February 16, 2008 at 12:19 pm in reply to: NeT Firewall 2.x Does Not Load Port Mapping on Startup #6554
Hi.
Thank you for your report about port mapping. Please use the latest version of NeT Firewall.
Hi.
Please tell me what version of NeT Firewall you have.
It seems to me your configuration is proper, but in some previous version we had a bug with one-direction rules.
Please contact me by mail.
Hi.
You see TCP and UDP connections when you click the Active Connections program node.
If you click the Packet Log node, you will see all packets that arrived on your system.
Do not forget to start the log (the log is started after installation).
If you set High Security Level on any network adapter, only packets that match allow rules will be passed to the system.
Regards,
Andrew
We are going to include NAT and an IP shaper as soon as possible and are currently preparing the user interface to cover it. We hope to finish it this year.
We have an API to communicate with the firewall, but it is still not open to end users. We will discuss the possibility of opening it to registered users on special request.
Regards,
Andrew
Hi.
In the current version of NeT Firewall you can save the list of logged packets to a file.
Automatic file logging is not implemented yet.
Regards,
Andrew
We will improve our internal interface to avoid such problems.
To allow incoming DNS, please turn off DNS inspection in the Option menu.
Regards,
Andrew
Thank you for your post about NeT Firewall.
Could you please send a screenshot of the rules and the part of the log where you think the firewall does not work properly to andrew@ntkernel.com
Regards,
Andrew
We are going to include NAT and a traffic shaper at the end of July.
Thank you for choosing NeT Firewall.
In the current version of NeT Firewall, NAT is not implemented, and you can use Routing and Remote Access, ICS included in your operating system.
Andrew
VOID
RecalculateUDPChecksum (
    PINTERMEDIATE_BUFFER pPacket
    )
{
    udphdr_ptr pUdpHeader = NULL;
    unsigned short word16, padd = 0;
    unsigned int i, sum = 0;
    PUCHAR buff;
    DWORD dwUdpLen;
    iphdr_ptr pIpHeader = (iphdr_ptr)&pPacket->m_IBuffer[sizeof(ether_header)];

    // Sanity check
    if (pIpHeader->ip_p == IPPROTO_UDP)
    {
        pUdpHeader = (udphdr_ptr)(((PUCHAR)pIpHeader) + sizeof(DWORD)*pIpHeader->ip_hl);
    }
    else
        return;

    // The IP total length comes from the packet itself: it must cover the IP and
    // UDP headers and must not run past the data actually held in the buffer
    if (ntohs(pIpHeader->ip_len) < pIpHeader->ip_hl*4 + sizeof(udphdr) ||
        sizeof(ether_header) + ntohs(pIpHeader->ip_len) > pPacket->m_Length)
        return;

    dwUdpLen = ntohs(pIpHeader->ip_len) - pIpHeader->ip_hl*4; //pPacket->m_Length - ((PUCHAR)(pTcpHeader) - pPacket->m_IBuffer);
    if ( (dwUdpLen/2)*2 != dwUdpLen )
    {
        padd=1;
        pPacket->m_IBuffer[dwUdpLen + pIpHeader->ip_hl*4 + sizeof(ether_header)] = 0;
    }

    buff = (PUCHAR)pUdpHeader;
    pUdpHeader->th_sum = 0;

    // make 16 bit words out of every two adjacent 8 bit words and
    // calculate the sum of all 16 bit words
    for (i=0; i< dwUdpLen+padd; i=i+2)
    {
        word16 =((buff[i]<<8)&0xFF00)+(buff[i+1]&0xFF);
        sum = sum + (unsigned long)word16;
    }

    // add the UDP pseudo header which contains:
    // the IP source and destination addresses,
    sum = sum + ntohs(pIpHeader->ip_src.S_un.S_un_w.s_w1) + ntohs(pIpHeader->ip_src.S_un.S_un_w.s_w2);
    sum = sum + ntohs(pIpHeader->ip_dst.S_un.S_un_w.s_w1) + ntohs(pIpHeader->ip_dst.S_un.S_un_w.s_w2);

    // the protocol number and the length of the UDP datagram
    sum = sum + IPPROTO_UDP + (unsigned short)dwUdpLen;

    // keep only the last 16 bits of the 32 bit calculated sum and add the carries
    while (sum>>16)
        sum = (sum & 0xFFFF)+(sum >> 16);

    // Take the one's complement of sum
    sum = ~sum;

    // A computed checksum of zero is sent as all ones (RFC 768); zero means "no checksum"
    if ((unsigned short)sum == 0)
        sum = 0xFFFF;

    pUdpHeader->th_sum = htons((unsigned short)sum);
}
Hi.
Thanks for your comments about our product.
If I understand you correctly, you have an internal network interface, for example Local Area Connection, and an external network interface.
In the program tree you can find ICMP Security, and it is different for different interfaces.
Please allow ICMP Echo Reply using the sub-tree for the internal interface, and block ICMP Echo Reply using the sub-tree for the external interface.
Regards,
Andrew
Hi. Redirecting to an alert site is impossible or very hard to do.
The problem is that when you detect that a site is harmful, the connection is being established between the client and the harmful site. But there is no connection between the client and the alert site. If you redirect such a packet to the alert site, it will simply drop it.
The one easy way to do it is to answer the GET query packet yourself. Just create a packet with an answer as any site does.
But it needs some special knowledge of TCP and HTTP.
Regards,
Andrew
Hi.
Yes, you can also use Port/Protocol mapping in your case.
If you use P/P mapping in the first case, why do you have a problem using it in the second case?
Regards,
Andrew
Hi.
The beta version is still under development. I will post a new message on the forum where users will be able to download the beta.
Regards,
Andrew