In a message written on Sun, Jan 04, 2004 at 05:32:17PM +0800, Ganbold wrote: > me what will happen when net.inet.ip.fw.dyn_count reaches > net.inet.ip.fw.dyn_max value?
As a random passing thought...
Anytime a new dynamic rule is denied due to reaching dyn_max, a new
counter, eg, "dropped_dyn_rules" should be incremented, so the user
can at least verify the limit is the problem.
--
Leo Bicknell - [EMAIL PROTECTED] - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - [EMAIL PROTECTED], www.tmbg.org
pgp00000.pgp
Description: PGP signature
