On Wed, 21 Jan 2004, Adam Seniuk wrote: > I keep getting /kernel: Too many dynamic rules, sorry im my log file > several times and i am not sure whats going on I have read some articles > but they are all in 2000 and for FreeBSD 4.0.
from the ipfw(4) man page: net.inet.ip.fw.dyn_max: 8192 Maximum number of dynamic rules. When you hit this limit, no more dynamic rules can be installed until old ones expire. seems like you're hitting this limit with too many keep-state rules in your ipfw ruleset. try trimming them down a little, by adding in specific reverse packet flow rules. for eg, # allow dns queries out to the world allow udp from me to any 53 keep-state out could be split to # allow dns queries out to the world allow udp from me to any 53 out # allow incoming dns responses allow udp from any 53 to me in Regards, /\_/\ "All dogs go to heaven." [EMAIL PROTECTED] (0 0) http://www.alphaque.com/ +==========================----oOO--(_)--OOo----==========================+ | for a in past present future; do | | for b in clients employers associates relatives neighbours pets; do | | echo "The opinions here in no way reflect the opinions of my $a $b." | | done; done | +=========================================================================+ _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"