IPFW and Dynamic Rules

Dave McCammon davemac11 at yahoo.com
Wed Jan 21 11:20:54 PST 2004


--- Adam Seniuk <adams at techweavers.net> wrote:
> I keep getting /kernel: Too many dynamic rules,
> sorry in my log file several
> times and I am not sure what's going on. I have read
> some articles but they
> are all in 2000 and for FreeBSD 4.0.
>  
> If someone could give me a clue into what this is
> and how I can fix it. That
> would be great!
>  
> Thanks.
>  
> 
> Adam Seniuk
> 
> adams at techweavers.net
> 
[snip]

From the IPFW(8)
 net.inet.ip.fw.dyn_max: 8192
             Maximum number of dynamic rules.  When you hit this
             limit, no more dynamic rules can be installed until
             old ones expire.

Default on my FBSD 4.9 box with (options IPFW2 in
kernel config) is 4096.

It may be helpful to tweak this setting or adjust the
expire time (net.inet.ip.fw.dyn_ack_lifetime). There
are other sysctl knobs you can tweak. Check the man
page.
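
An added example, not part of the original post: a small sh check that compares net.inet.ip.fw.dyn_count (the read-only counter documented in ipfw(8)) against dyn_max, to show how close a box is to the limit quoted above before any knob is changed. The sample sysctl output, the function names and the 80% threshold are constructed assumptions.

```shell
#!/bin/sh
# Constructed sample of `sysctl net.inet.ip.fw` output (illustrative values).
SAMPLE='net.inet.ip.fw.dyn_count: 3950
net.inet.ip.fw.dyn_max: 4096
net.inet.ip.fw.dyn_ack_lifetime: 300
net.inet.ip.fw.dyn_syn_lifetime: 20'

# get_knob NAME: read "name: value" lines on stdin, print the value of
# net.inet.ip.fw.NAME (prints nothing if the knob is absent).
get_knob() {
    awk -v k="net.inet.ip.fw.$1:" '$1 == k { print $2; exit }'
}

# dyn_usage_pct: integer percentage of dyn_max used by dynamic rules.
# Returns 2 if either knob is missing or dyn_max is not a positive number.
dyn_usage_pct() {
    input=$(cat)
    count=$(printf '%s\n' "$input" | get_knob dyn_count)
    max=$(printf '%s\n' "$input" | get_knob dyn_max)
    [ -n "$count" ] && [ -n "$max" ] && [ "$max" -gt 0 ] || return 2
    echo $(( count * 100 / max ))
}

# dyn_check [THRESHOLD]: print one status line.
# Exit status: 0 below threshold, 1 at or above it, 2 if knobs are missing.
dyn_check() {
    threshold=${1:-80}
    pct=$(dyn_usage_pct) || { echo "UNKNOWN: dyn_count/dyn_max not found"; return 2; }
    if [ "$pct" -ge "$threshold" ]; then
        echo "WARN: dynamic rules at ${pct}% of dyn_max"
        return 1
    fi
    echo "OK: dynamic rules at ${pct}% of dyn_max"
}

# On a live FreeBSD host: sysctl net.inet.ip.fw | dyn_check 80
printf '%s\n' "$SAMPLE" | dyn_check 80 || true
```

Run from cron, a WARN that persists suggests states are outliving their use (look at the lifetime knobs) or that the rule set creates more dynamic rules than dyn_max allows for the traffic the host sees.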



