limited logging when using limit
Arvinn Løkkebakken
arvinn at sandakerveien.net
Fri Sep 30 03:37:31 PDT 2005
First of all, I love ipfw, and I love logs, especially logs about packet
drops.
Recently I started using limit on my allow and pipe rules like this:
ipfw add pipe 5 log tcp from 200.0.0.0/7 to me dst-port 25 limit src-addr 2
ipfw add allow log tcp from any to me dst-port 25 limit src-addr 10
...as always with ipfw, it works like a charm :)
However, packet drops caused by the connection limit do not get logged.
Neither source ip/port, destination ip/port nor even rule number gets
logged. Is there a reason for this?
All I get in syslog is:
Sep 30 11:14:40 hostname drop session, too many entries
My system runs FreeBSD 4.11-p11 with ipfw2.
Arvinn