Netgate Discussion Forum

    Source connection rate logging

      mastermindpro

      I've searched this forum and elsewhere for an answer to this, but found none.  I have a Pass firewall rule that allows traffic into a port forward.  On the firewall rule, I've defined "Max. src. conn. Rate" and "Max. src. conn. Rates" to be what I want.  The rule appears to work as I expect in testing.  My challenge is that I don't seem to be able to know when the connection rate is exceeded.

      The firewall logs show nothing, as I'm only logging explicit blocks/rejects.  My first thought was that this would only get logged if there was a second firewall rule, defined as a Block, that had logging enabled.  I've configured that, but nothing ever seems to hit that rule…so no logging.

      A Pass rule with other limits, like connection rate limiting, really kind of has two possible outcomes.  It would be nice to be able to log or otherwise know when the limit is being triggered, without having to know when the traffic is passing the rule.  Is that possible?

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.