Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 5 Jun 2003 11:10:17 +0000
From:      Philip Reynolds <philip.reynolds@rfc-networks.ie>
To:        freebsd-ipfw@freebsd.org
Subject:   Re: IPFW OUCH! cannot remove rule, count 1
Message-ID:  <20030605111017.GB64530@rfc-networks.ie>
In-Reply-To: <20030605131543.266dfaba.nev@hotbox.ru>
References:  <20030605131543.266dfaba.nev@hotbox.ru>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Andrew B <nev@hotbox.ru> 31 lines of wisdom included:
> allow tcp from any to me 80 limit src-addr 50 in recv em0
> allow tcp from me 80 to any out xmit em0
> 
> But it seems that dynamic rules are not removing cleanly so 
> i can see thess messages:
> 
> Jun  5 05:53:29 www /kernel: OUCH! cannot remove rule, count 1
> Jun  5 05:53:29 www /kernel: OUCH! cannot remove rule, count 2
> 
> 
> I found this in ip_fw.c:
> 
> if (pass == 1) /* should not happen */
>                         printf("OUCH! cannot remove rule, count %d\n",

Can you CVSup, there were problems with limit in previous releases,
newer versions fix this IIRC.

Phil.
-- 
Philip Reynolds                      | RFC Networks Ltd.
philip.reynolds@rfc-networks.ie      | +353 (0)1 8832063
http://people.rfc-networks.ie/~phil  | www.rfc-networks.ie


Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?20030605111017.GB64530>