Date: Fri, 10 Sep 2010 14:35:27 +0200 From: Gareth de Vaux <bsd@lordcow.org> To: stable@freebsd.org Subject: Re: ipfw: Too many dynamic rules Message-ID: <20100910123527.GB55978@lordcow.org> In-Reply-To: <20100910023132.E73353@sola.nimnet.asn.au> References: <20100909153902.GA28341@lordcow.org> <20100910023132.E73353@sola.nimnet.asn.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri 2010-09-10 (03:18), Ian Smith wrote: > Try using 'limit' rather than the unlimited 'keep-state' for inbound > dynamic connections to your server/s. eg, derived from ipfw(8): These are mostly legitimate connections though, they just aren't being closed properly. So if limit were to have an affect in my scenario, it would just prevent legitimate users from reconnecting.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100910123527.GB55978>