Date: Wed, 14 Nov 2007 11:34:00 -0600 From: David DeSimone <fox@verio.net> To: freebsd-pf@freebsd.org Subject: Re: How to prevent FS overflow due to excessive logging? Message-ID: <20071114173359.GO6168@verio.net> In-Reply-To: <473B2006.8050000@casino.uni-stuttgart.de> References: <473B2006.8050000@casino.uni-stuttgart.de>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Tobias Ernst <tobi@casino.uni-stuttgart.de> wrote: > > I do not want to disable UDP logging generally - after all I want to be > told when things like this happen. If you put "keep state" on your drop+log rule, PF will only log the first packet that gets dropped, which reduces logging considerably. However, you will not be alerted to the fact that millions of packets are being sent, in this scenario, so you would have to detect that via other means. - -- David DeSimone == Network Admin == fox@verio.net "This email message is intended for the use of the person to whom it has been sent, and may contain information that is confidential or legally protected. If you are not the intended recipient or have received this message in error, you are not authorized to copy, dis- tribute, or otherwise use this message or its attachments. Please notify the sender immediately by return e-mail and permanently delete this message and any attachments. Verio, Inc. makes no warranty that this email is error or virus free. Thank you." --Lawyer Bot 6000 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFHOzGHFSrKRjX5eCoRAlASAJ4sIqjHk1bZ01XuEL/BFS77kby5lwCcCouy 2KjtMZFaXm0OMr38Skxmk3w= =p2SR -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071114173359.GO6168>