Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 5 Jun 2003 13:15:43 +0300
From:      Andrew B <nev@hotbox.ru>
To:        freebsd-ipfw <freebsd-ipfw@freebsd.org>
Subject:   IPFW OUCH! cannot remove rule, count 1
Message-ID:  <20030605131543.266dfaba.nev@hotbox.ru>

next in thread | raw e-mail | index | archive | help
Hello.

I have FreeBSD 4.7-RELEASE and I use ipfw
to limit connections to my web server.

The rules are:

allow tcp from any to me 80 limit src-addr 50 in recv em0
allow tcp from me 80 to any out xmit em0

But it seems that dynamic rules are not removing cleanly so 
i can see thess messages:

Jun  5 05:53:29 www /kernel: OUCH! cannot remove rule, count 1
Jun  5 05:53:29 www /kernel: OUCH! cannot remove rule, count 2


I found this in ip_fw.c:

if (pass == 1) /* should not happen */
                        printf("OUCH! cannot remove rule, count %d\n",

So this never should happen.

Could anyone help me with my problem?

Best Regards.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030605131543.266dfaba.nev>