O'Reilly logo

Essential Check Point™ FireWall-1® NG: An Installation, Configuration, and Troubleshooting Guide by Dameon D. Welch-Abernathy

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Tweaks for Specific Operating Systems

The following subsections discuss how to tweak IPSO's TCP/IP stack, Solaris, and Windows NT, as well as provide some changes to help the Security Servers function better.

IPSO-Specific Changes

Each of the following changes should be added to /var/etc/rc.local so they will be active across reboots. Most of these changes increase the performance of the Security Servers (which benefit from increased packet sizes) and also help general TCP/IP traffic.

ipsctl –w net:ip:tcp:sendspace 65535 # TCP/IP specific changes
ipsctl –w net:ip:tcp:recvspace 65535
ipsctl –w net:ip:tcp:default_mss 1460 # Should be MTU minus 40 bytes

Solaris-Specific Changes

All ndd commands listed in this section should be added to an rc

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required