Date: Fri, 9 Nov 2001 12:08:47 +0100 (CET) From: =?iso-8859-1?q?m=20p?= <sumirati@yahoo.de> To: cjclark@alum.mit.edu, setantae@submonkey.net Cc: questions@FreeBSD.ORG Subject: Re: too many dynamic rules Message-ID: <20011109110847.90547.qmail@web13305.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
"Crist J. Clark" wrote: > > On Thu, Nov 08, 2001 at 08:12:07PM +0000, setantae wrote: > > > > Can't find anything in the archives at MARC, and not sure which list > > I should be talking to, so please set followups appropriately if it > > bothers you. > > > > For approximately 18 seconds today my firewall went apesh*t > > (these are all relevant entries) : > > > > Nov 8 14:47:45 rhadamanth /kernel: Too many dynamic rules, sorry > > Nov 8 14:47:45 rhadamanth natd[218]: failed to write packet back (Permission denied) > > [snip] > > > At the time there was only one user logged onto the box, and no clients > > behind the firewall - unfortunately I have no idea what I was doing at the > > time, > > You wouldn't have happened to have been port scanning someone (nmap or > the like)? Hi, he said, that he was upgrading the ports-collection on his machine. For that purpose a connection to every ftp where the source is will be made. That may exceed on a fast connction the maximum defined for dynamic rules. So please check your setting how many dynamic rules you allow and add some during port upgrade :) Just my DEM 0.02 Marc __________________________________________________________________ Gesendet von Yahoo! Mail http://mail.yahoo.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011109110847.90547.qmail>