From owner-freebsd-questions@FreeBSD.ORG Fri Aug 31 12:35:43 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E7E5916A417 for ; Fri, 31 Aug 2007 12:35:43 +0000 (UTC) (envelope-from gpeel@thenetnow.com) Received: from thenetnow.com (thenetnow.com [69.90.69.141]) by mx1.freebsd.org (Postfix) with ESMTP id C6DE113C428 for ; Fri, 31 Aug 2007 12:35:43 +0000 (UTC) (envelope-from gpeel@thenetnow.com) Received: from hpeel.ody.ca ([216.240.12.2] helo=GRANT) by constellation.thenetnow.com with esmtpa (Exim 4.63 (FreeBSD)) (envelope-from ) id 1IR5iD-000P9U-W0 for freebsd-questions@freebsd.org; Fri, 31 Aug 2007 08:34:58 -0400 Message-ID: <001a01c7ebcb$53e455b0$6501a8c0@GRANT> From: "Grant Peel" To: Date: Fri, 31 Aug 2007 08:34:51 -0400 Organization: The Net Now MIME-Version: 1.0 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.3138 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: IPFW - Keep State X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Grant Peel List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Aug 2007 12:35:44 -0000 In a nutsheel, is it really necessary, or is thier a really compelling = reason to use keep-state for a normal web - email server? I sometimes see "Too many dynamic rules" and can see a correlation = between customer complaints and these log entries. My server all have about 200 rules, most of them counters for bandwidth = accounting. -Grant