Possible to generate log when specific host reaches max state set in rule?



  • I am currently testing the blocking of a TCP SYN Flood attack. I have set the max state per host as follows:
    [Image: screenshot of the firewall rule settings]

    That is the firewall rule associated with the NAT rule.

    It can successfully block a TCP SYN Flood attack from a specific host, but what I want is for it to generate a log message when a specific host reaches the "Max. Src. states" set in the rule. Is it possible?

    Thanks.



  • Anyone have ideas?