From owner-freebsd-questions Tue Aug 6 15: 7:13 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7844D37B401 for ; Tue, 6 Aug 2002 15:07:09 -0700 (PDT) Received: from labs.unixhideout.com (dsl-65-187-193-189.telocity.com [65.187.193.189]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2F5E543E42 for ; Tue, 6 Aug 2002 15:07:04 -0700 (PDT) (envelope-from root@unixhideout.com) Received: from unixhideout.com (webserver@localhost.unixhideout.com. [192.168.1.20]) by labs.unixhideout.com (8.12.5/8.12.3) with SMTP id g76M6vW0037235 for ; Tue, 6 Aug 2002 18:07:01 -0400 (EDT) (envelope-from root@unixhideout.com) Received: from 192.168.1.10 (SquirrelMail authenticated user sagacious) by email.unixhideout.com with HTTP; Tue, 6 Aug 2002 18:07:01 -0400 (EDT) Message-ID: <3166.192.168.1.10.1028671621.squirrel@email.unixhideout.com> Date: Tue, 6 Aug 2002 18:07:01 -0400 (EDT) Subject: Re: /kernel: drop session, too many entries From: "Mike" To: In-Reply-To: <1028670181.38776.89.camel@Demon.vickiandstacey.com> References: <1028666145.38776.66.camel@Demon.vickiandstacey.com> <2599.192.168.1.10.1028669060.squirrel@email.unixhideout.com> <1028670181.38776.89.camel@Demon.vickiandstacey.com> X-Priority: 3 Importance: Normal X-MSMail-Priority: Normal Reply-To: root@unixhideout.com X-Mailer: SquirrelMail (version 1.2.7) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hmm. Are you using dummynet? To restrict connections per ip and things like that? for example look at my rule for www, ${fwcmd} add 01500 allow log tcp from any to ${ip} 80 setup keep-state limit src-addr 4 It limits connections per ip. So maybe its possible that a client has requested 5 connections and hence, /kernel: drop session, too many entries maybe? I guess i will wait for replies. > Hi Mike, > Hmmm.., your mentioning ipfw *does* kinda make sense here. > > If anything, I figure it might be the fact that the firewall has > processed (denied, for instance) a certain number of packets at a > certain rule number, and has actually decided not to process anymore as > the connection has already been assessed and (in the above case) a > decision (deny) has be made. > > The end of this is, that there is no sense in continued logging of this > event, hence the message. The snag in this theory is the lack of a > firewall rule number associated with the message, though. > > Logical, but by no means authoritative! I'd like to get to the bottom of > this myself, and do hope that a more learned ipfw person might comment. > > Stacey > > On Tue, 2002-08-06 at 22:24, Mike wrote: >> It's due to IPFW rules. I know that cause i just configged it and im >> getting those errors, but I am not sure whats it means either. when >> you find out please send me the email. >> >> > Hi, >> > I've been noticing the following in /var/log/messages recently. I >> > don't know what they refer to, nor if I should be concerned about >> them. >> > >> > Aug 6 13:01:11 /kernel: drop session, too many entries Aug >> 6 13:01:19 /kernel: drop session, too many entries >> > >> > Here's my uname: >> > # uname -rp >> > 4.6-STABLE i386 >> > # >> > >> > I'd appreciate someone in the know to shed some light on these >> messages, please. >> > >> > Stacey >> > >> > -- >> > Stacey Roberts >> > B.Sc (HONS) Computer Science >> >> >> >> ----------------------------------------- >> Free email that kicks ass from UnixHideout >> "The UnixHideout network" >> http://www.unixhideout.com/ >> >> >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-questions" in the body of the message > -- > Stacey Roberts > B.Sc (HONS) Computer Science ----------------------------------------- Free email that kicks ass from UnixHideout "The UnixHideout network" http://www.unixhideout.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message