2008-05-01
kj1978
Rule processing order

Hi guys,

I am a bit confused by the way rule processing works on the firewall.

The CCSA ExamCram2 book says that rule processing works as below:

1. Anti-spoofing checks
2. "First" implicit rules
3. Explicit rules (except for the final rule)
4. "Before last" implicit rules
5. Last explicit rule (cleanup rule)
6. "Last" implicit rule
7. Network address translation

If I look at the Check Point courseware, it shows rule processing as follows:

1. Network address translation
2. Anti-spoofing checks
3. "First" implicit rules
4. Explicit rules (except for the final rule)
5. "Before last" implicit rules
6. Last explicit rule (cleanup rule)
7. "Last" implicit rule

Can anyone advise what the correct order of rule base processing is, and whether NAT is checked after the explicit rules or before the explicit rules?

Thanks
KJ