ipfw: Too many dynamic rules

Gareth de Vaux bsd at lordcow.org
Fri Sep 10 12:35:43 UTC 2010


On Fri 2010-09-10 (03:18), Ian Smith wrote:
> Try using 'limit' rather than the unlimited 'keep-state' for inbound 
> dynamic connections to your server/s.  eg, derived from ipfw(8):

These are mostly legitimate connections though, they just aren't being
closed properly. So if limit were to have an affect in my scenario, it
would just prevent legitimate users from reconnecting.


More information about the freebsd-stable mailing list