IPFW OUCH! cannot remove rule, count 1
Philip Reynolds
philip.reynolds at rfc-networks.ie
Thu Jun 5 04:10:21 PDT 2003
Andrew B <nev at hotbox.ru> 31 lines of wisdom included:
> allow tcp from any to me 80 limit src-addr 50 in recv em0
> allow tcp from me 80 to any out xmit em0
>
> But it seems that dynamic rules are not removing cleanly so
> i can see thess messages:
>
> Jun 5 05:53:29 www /kernel: OUCH! cannot remove rule, count 1
> Jun 5 05:53:29 www /kernel: OUCH! cannot remove rule, count 2
>
>
> I found this in ip_fw.c:
>
> if (pass == 1) /* should not happen */
> printf("OUCH! cannot remove rule, count %d\n",
Can you CVSup, there were problems with limit in previous releases,
newer versions fix this IIRC.
Phil.
--
Philip Reynolds | RFC Networks Ltd.
philip.reynolds at rfc-networks.ie | +353 (0)1 8832063
http://people.rfc-networks.ie/~phil | www.rfc-networks.ie
More information about the freebsd-ipfw
mailing list