Dinesh Nair wrote:

> seems like you're hitting this limit with too many keep-state rules in
> your ipfw ruleset. try trimming them down a little, by adding in
> specific reverse packet flow rules.

It does not take many at all to hit the limit.  This is what I used to use
[in /etc/sysctl.conf] on a webserver with great success:

# increase the number of dynamic firewall rules allowed

Tom Veldhouse

[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to