ipfw2 problem
Leo Bicknell
bicknell at ufp.org
Sun Jan 4 17:40:23 PST 2004
In a message written on Sun, Jan 04, 2004 at 05:32:17PM +0800, Ganbold wrote:
> me what will happen when net.inet.ip.fw.dyn_count reaches
> net.inet.ip.fw.dyn_max value?
As a random passing thought...
Anytime a new dynamic rule is denied due to reaching dyn_max, a new
counter, eg, "dropped_dyn_rules" should be incremented, so the user
can at least verify the limit is the problem.
--
Leo Bicknell - bicknell at ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - tmbg-list-request at tmbg.org, www.tmbg.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20040104/bf1dc44b/attachment.bin
More information about the freebsd-hackers
mailing list