Greetings: I'm trying to sort out an issue with drop session error messages...see below
Can some please explain what the difference / benefits between the two possible firewall rules shown below? I have been uncertain if I should use the keep-state option for the incoming connections. Incoming Connections seen to work ok without keep-state, But I also seem to get the drop session errors When there are incoming http connections Thanks for you help Brian >From firewall script #$cmd 396 allow tcp from any to me 80 in via $oif setup limit src-addr 4 # Incoming http connections $cmd 396 allow tcp from any to me 80 in via $oif setup $ks # Incoming http connections >From Log File Feb 6 12:03:25 rakort kernel: drop session, too many entries Feb 6 12:03:51 rakort last message repeated 4 times Feb 6 12:05:46 rakort last message repeated 13 times _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
