Jeff Wilson wrote:
One of my networks is behind an OpenBSD 3.5-stable firewall, and another network is behind an OpenBSD 3.7-stable firewall. Between the two networks, I am serving over 4,000 clients. Both firewalls limit source IP state with "max-src-states". Once a client hits this state limit, no new state is allowed -- which is what I want, of course.

My objective is to more efficiently troubleshoot connectivity problems, after the fact. When I get the call from a colleague, asking "Can you tell me if Joe Bob was at his limit yesterday at 5pm?" Right now, I just shrug and say, "Nope!"

Is there a straightforward way to log these "disallowed" states? Or perhaps a way to log which IPs have hit this ceiling, and when, and for how long?

thanks,
jw

I think "set debug" records that the limits were hit with 3.7 but not with 3.5.
