Date: 06 Aug 2002 18:31:06 -0400 From: Lowell Gilbert <freebsd-questions-local@be-well.no-ip.com> To: freebsd-questions@freebsd.org Subject: Re: /kernel: drop session, too many entries Message-ID: <443ctrd3h1.fsf@be-well.ilk.org> In-Reply-To: <3166.192.168.1.10.1028671621.squirrel@email.unixhideout.com> References: <1028666145.38776.66.camel@Demon.vickiandstacey.com> <2599.192.168.1.10.1028669060.squirrel@email.unixhideout.com> <1028670181.38776.89.camel@Demon.vickiandstacey.com> <3166.192.168.1.10.1028671621.squirrel@email.unixhideout.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"Mike" <root@unixhideout.com> writes:
> Hmm. Are you using dummynet? To restrict connections per ip and things
> like that? for example look at my rule for www,
> ${fwcmd} add 01500 allow log tcp from any to ${ip} 80 setup keep-state
> limit src-addr 4
>
> It limits connections per ip. So maybe its possible that a client has
> requested 5 connections and hence,
>
> <snip> /kernel: drop session, too many entries
>
> maybe? I guess i will wait for replies.
I would be more inclined to guess that it's hitting the limit of
dynamic rules:
sysctl net.inet.ip.fw.dyn_max
[info available in the manual for ipfw(8)]
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?443ctrd3h1.fsf>