[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Logging when max-src-states hit

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: Logging when max-src-states hit
From: Kevin <kkadow_(_at_)_gmail_(_dot_)_com>
Date: Wed, 9 Feb 2005 10:25:58 -0600
Reply-to: Kevin <kkadow_(_at_)_gmail_(_dot_)_com>

On Wed, 09 Feb 2005 08:39:10 -0500, Daniel Hamlin
<hamlin_(_at_)_rose-hulman_(_dot_)_edu> wrote:
> I guess what would be most beneficial would be to log the connection
> that fails.  So, in the example of my computer being limited to 10
> states, attempting to create the 11th state would generate a pflog entry
> with the pertinent connection information.
. . .
> Just an idea.

Not just an idea... a good idea.

It'd be quote helpful for pflog to record when a connection is denied
due to a host exhausting it's max-src-states.

Usually I don't hear from a user about a problem until hours/days
after the fact, having these visible in pflog would make
troubleshooting much easier.

Kevin Kadow

References:
- Logging when max-src-states hit
  - From: Daniel Hamlin
- Re: Logging when max-src-states hit
  - From: Daniel Hamlin

Prev by Date: PF anchors
Next by Date: pf.conf macro help needed
Previous by thread: Re: Logging when max-src-states hit
Next by thread: Re: Message
Index(es):
- Date
- Thread

Visit your host, monkey.org