From owner-freebsd-questions@FreeBSD.ORG  Sat Dec 18 10:47:33 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 81C9816A4CE
	for <freebsd-questions@freebsd.org>;
	Sat, 18 Dec 2004 10:47:33 +0000 (GMT)
Received: from enterprise.thenetnow.com (enterprise.thenetnow.com
	[65.39.193.152])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 08C1C43D5C
	for <freebsd-questions@freebsd.org>;
	Sat, 18 Dec 2004 10:47:33 +0000 (GMT)
	(envelope-from gpeel@thenetnow.com)
Received: from GRANT (hpeel.ody.ca [216.240.12.2])iBIAlUG08627
	for <freebsd-questions@freebsd.org>;
	Sat, 18 Dec 2004 05:47:30 -0500 (EST)
	(envelope-from gpeel@thenetnow.com)
Message-ID: <001d01c4e4ee$f9d0b310$6401a8c0@GRANT>
From: "Grant Peel" <gpeel@thenetnow.com>
To: <freebsd-questions@freebsd.org>
Date: Sat, 18 Dec 2004 05:47:29 -0500
Organization: The Net Now
MIME-Version: 1.0
Content-Type: text/plain;
	format=flowed;
	charset="iso-8859-1";
	reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
Subject: IPFW
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Grant Peel <gpeel@thenetnow.com>
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 18 Dec 2004 10:47:33 -0000

Hi all,

One of our mid-aged servers is running FBSD-4.7 RELEASE.

It is a productive server, with lots of clients on it.

I have recently activated ipfw, using Webmin as the front end to admin it.

Ipfw is up and running, seems OK, BUT I am getting many many of these logs:

/kernel: OUCH! cannot remove rule, count 2
Dec 18 05:41:01 excelsior /kernel: drop session, too many entries
Dec 18 05:41:01 excelsior /kernel: OUCH! cannot remove rule, count 1
Dec 18 05:41:01 excelsior /kernel: OUCH! cannot remove rule, count 2
Dec 18 05:41:01 excelsior /kernel: drop session, too many entries
Dec 18 05:41:01 excelsior /kernel: drop session, too many entries
Dec 18 05:41:02 excelsior /kernel: OUCH! cannot remove rule, count 1
Dec 18 05:41:02 excelsior /kernel: OUCH! cannot remove rule, count 2
Dec 18 05:41:02 excelsior /kernel: drop session, too many entries
Dec 18 05:41:02 excelsior last message repeated 2 times


Can someone explain, what these are, do they mean anything to me, are they 
critical, and short of reloading a new OS, what can I do to get rid of them. 
FYI As this is a production servers, I would prefer not to rebuild the whole 
box, I have lots of proprietary tweaks built in.

TIA!

-Grant