Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    What happens with "Maximum number of unique source hosts (TCP/UDP/ICMP)"

    Firewalling
    2
    2
    1147
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • DerelictD
      Derelict LAYER 8 Netgate
      last edited by

      When "Maximum number of unique source hosts (TCP/UDP/ICMP)" is set in a rule, is the n+1 source host denied or is the oldest entry (and all its states) cleared and the new one added?  Or something else?

      And can I safely assume that as soon as all states for a particular source host expire, that slot is freed for another source host?

      Thanks.

      Chattanooga, Tennessee, USA
      The pfSense Book is free of charge!
      DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
      Do Not Chat For Help! NO_WAN_EGRESS(TM)

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        New connection is denied. Old ones will die off as they close normally.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post