Synopsis: ipfw(8) reports missing file as parameter problem
State-Changed-From-To: feedback-patched
State-Changed-By: ae
State-Changed-When: Wed Jun 29 06:48:14 UTC 2011
State-Changed-Why:
Patched in head/. Thanks!
http://www.freebsd.org/cgi/query-pr.cgi?pr=156653
Hi,
On a new FreeBSD 8.2 server, ipfw complains of too many dynamic rules as
traffic increases.
e.g. ipfw: ipfw_install_state: Too many dynamic rules)
Is the following set of rules too complex? What would be the best/generic
approach to setup ipfw for a standard web server? Any recommendations?
If table 2 contains a blacklist, why not deny traffic at the top?
Why are you silently dropping fragmented TCP packets? This will break
Path MTU discovery.
Why do you have a check-state rule after rule 500? That's backwards.
You might consider putting check-state at the beginning.
You don't
Hi,
I try to use load-balancing with IPFW. I've 3 lines : 2 ADSL and 1 SDSL. I try
to loadbalance http trafic on ADSL1(192.168.7.1) and ADSL2(192.168.6.1).
My gateway has 4 network devices. 1 for each line (em 1 -192.168.5.10, em2 -
192.168.6.10, em3 -192.168.7.10), and one for local network