If I repeatedly nmap my FreeBSD 4.10 machine configured with ipfirewall, I get the message "Too many dynamic rules, sorry". Doing a sysctl -a | grep ip.fw, I can see the net.inet.ip.fw.dyn_count has reached the max value of 8192 that I set. The net.inet.ip.fw.dyn_ack_lifetime is set to 300, so the dynamic rule count starts going down about 5 minutes after the simulated attack.
Questions:
When this happens, is my firewall still fully operational? In other words, can I safely ignore this message?
Is there a way to fix this?