From owner-freebsd-questions Fri Jun 7 23:37:43 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from some.ants.ate.my.cat5.at.dsgx.org (some.ants.ate.my.cat5.at.dsgx.org [64.215.225.2])
    by hub.freebsd.org (Postfix) with ESMTP id B0E3137B401
    for ; Fri, 7 Jun 2002 23:37:38 -0700 (PDT)
Received: from some.ants.ate.my.cat5.at.dsgx.org (localhost.dsgx.org [64.215.225.2])
    by some.ants.ate.my.cat5.at.dsgx.org (8.12.4/8.12.3) with SMTP id g582bFMN026387
    for ; Sat, 8 Jun 2002 02:37:15 GMT
X-Authentication-Warning: some.ants.ate.my.cat5.at.dsgx.org: Host localhost.dsgx.org [64.215.225.2] claimed to be some.ants.ate.my.cat5.at.dsgx.org
Date: Sat, 8 Jun 2002 02:37:15 +0000
From: hh
To: freebsd-questions@freebsd.org
Subject: weird filter
Message-Id: <20020608023715.69ffc69f.hh@dsgx.org>
Organization: dsgx net solutions
X-Mailer: Sylpheed version 0.7.4 (GTK+ 1.2.10; i386-portbld-freebsd4.5)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

when I put the option tcp_drop_synfin="YES" .. and in the kernel .. option TCP_DROP_SYNFIN plus an ipfw rule to limit src-addr .. I can't let the machine get busy .. like with a bunch of apache processes .. let's say .. that way .. and I start getting

Jun 8 02:10:04 some /kernel: OUCH! cannot remove rule, count 1
Jun 8 02:10:04 some /kernel: OUCH! cannot remove rule, count 1
Jun 8 02:10:05 some /kernel: OUCH! cannot remove rule, count 1
Jun 8 02:10:05 some /kernel: OUCH! cannot remove rule, count 2
Jun 8 02:10:05 some /kernel: OUCH! cannot remove rule, count 1
Jun 8 02:10:05 some /kernel: OUCH! cannot remove rule, count 2
Jun 8 02:10:05 some /kernel: OUCH! cannot remove rule, count 1
Jun 8 02:10:05 some /kernel: OUCH! cannot remove rule, count 2

a bunch of them .. and after a while .. the load average goes to 100, 120 .. and goes all the way down to 40 .. 50 .. until the apache processes .. go to 120 .. or something .. stops .. again. and I'm sure it is not a flood, from somebody and the bsd is trying to let them in .. but the rules in the kernel .. or ipfw .. are saying no .. or something ..

does anybody have a clue how to stop .. this issue .. so I don't have some crazy load averages?

I'm running fbsd 4.5p4

thx