From owner-freebsd-questions  Fri Nov  9  2:45:48 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from swan.prod.itd.earthlink.net (swan.mail.pas.earthlink.net [207.217.120.123])
	by hub.freebsd.org (Postfix) with ESMTP id B879637B416
	for <questions@freebsd.org>; Fri,  9 Nov 2001 02:45:45 -0800 (PST)
Received: from dialup-209.245.136.224.dial1.sanjose1.level3.net ([209.245.136.224] helo=blossom.cjclark.org)
	by swan.prod.itd.earthlink.net with esmtp (Exim 3.33 #1)
	id 16299z-0002BG-00; Fri, 09 Nov 2001 02:45:35 -0800
Received: (from cjc@localhost)
	by blossom.cjclark.org (8.11.6/8.11.3) id fA9AgDU16776;
	Fri, 9 Nov 2001 02:42:13 -0800 (PST)
	(envelope-from cjc)
Date: Fri, 9 Nov 2001 02:41:42 -0800
From: "Crist J. Clark" <cristjc@earthlink.net>
To: setantae <setantae@submonkey.net>
Cc: questions@FreeBSD.ORG
Subject: Re: too many dynamic rules
Message-ID: <20011109024142.Q51134@blossom.cjclark.org>
Reply-To: cjclark@alum.mit.edu
References: <20011108201207.GA49594@rhadamanth>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20011108201207.GA49594@rhadamanth>; from setantae@submonkey.net on Thu, Nov 08, 2001 at 08:12:07PM +0000
X-URL: http://people.freebsd.org/~cjc/
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Thu, Nov 08, 2001 at 08:12:07PM +0000, setantae wrote:
> 
> Can't find anything in the archives at MARC, and not sure which list
> I should be talking to, so please set followups appropriately if it
> bothers you.
> 
> For approximately 18 seconds today my firewall went apesh*t 
>  (these are all relevant entries) :
> 
> Nov  8 14:47:45 rhadamanth /kernel: Too many dynamic rules, sorry
> Nov  8 14:47:45 rhadamanth natd[218]: failed to write packet back (Permission denied)

[snip]

> At the time there was only one user logged onto the box, and no clients
> behind the firewall - unfortunately I have no idea what I was doing at the
> time,

You wouldn't have happened to have been port scanning someone (nmap or
the like)?
-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message