[prev in list] [next in list] [prev in thread] [next in thread]
List: openbsd-pf
Subject: Re: Logging dropped states (max-src-states)
From: Richard Grint <r.l.grint () qmul ! ac ! uk>
Date: 2005-09-26 10:23:30
Message-ID: 4337CC22.2020809 () qmul ! ac ! uk
[Download RAW message or body]
Jeff Wilson wrote:
>One of my networks is behind an OpenBSD 3.5-stable firewall, and
>another network is behind a OpenBSD 3.7-stable firewall. Between the
>two networks, I am serving over 4,000 clients. Both firewalls limit
>source IP state with "max-src-states". Once a client hits this state
>limit, no new state is allowed -- which is what I want, of course.
>
>My objective is to more efficiently troubleshoot connectivity
>problems, after the fact. When I get the call from a colleague,
>asking "Can you tell me if Joe Bob was at his limit yesterday at 5pm?"
> Right now, I just shrug and say, "Nope!"
>
>Is there a straightforward way to log these "disallowed" states? Or
>perhaps a way to log which IPs have hit this ceiling, and when, and
>for how long?
>
> thanks,
> jw
>
>
>
I think set debug records that the limits were hit with 3.7 but not with 3.5
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic