Thread: Netmask Flexibility in Checkpoint(strange issue)
View Single Post
  #1 (permalink)  
Old 2007-02-14
munit_si@yahoo.com munit_si@yahoo.com is offline
Junior Member
  
Join Date: 2006-02-22
Posts: 28
Rep Power: 0
munit_si@yahoo.com has an average reputation (10+)
Default Netmask Flexibility in Checkpoint(strange issue)
Experts,

I want to understand the flexibility in netmask option, while defining a network object.


My requirement is to match a particular octet in network traffic , and then do filtering based upon that.

In case of Cisco routers/Pix Firewall we easily achieve that


Here is an example of cisco router

ip access-list 150 permit ip 0.0.79.0 255.255.0.255 any

This filter will permit any ip address that has 79 as the third octet

example

2.3.79.2
1.4.79.3
172.25.79.140


MY question is can we do the same in case of checkpoint firewall's

I tried , but failed to create a network object with the above requirements

Thanks
Munit
Reply With Quote