4. Source connection rate logging

Source connection rate logging

  • M

    I've searched this forum and elsewhere for an answer to this, but found none.  I have a Pass firewall rule that allows traffic into a port forward.  On the firewall rule, I've defined "Max. src. conn. Rate" and "Max. src. conn. Rates" to be what I want.  The rule appears to work as I expect in testing.  My challenge is that I don't seem to be able to know when the connection rate is exceeded.

    The firewall logs show nothing, as I'm only logging explicit blocks/rejects.  My first thought was that this would only get logged if there was a second firewall rule, defined as a Block, that had logging enabled.  I've configured that, but nothing ever seems to hit that rule…so no logging.

    A Pass rule with other limits, like connection rate limiting, really kind of has two possible outcomes.  It would be nice to be able to log or otherwise know when the limit is being triggered, without having to know when the traffic is passing the rule.  Is that possible?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy