Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 

fwaccel dos rate issue

Hello,

I am using fwaccel dos rate to block networks like this:

# fwaccel dos rate add batch /opt/CPsuite-R80.40/fw1/conf/blacklists/block-by-network.bl

and in block-by-network.bl I have:

source cidr:107.6.171.0/24 pkt-rate 0

What I end up with is this (5 copies of the same rule):

# fwaccel dos rate get | grep 107.6.171.0
operation=add uid=<5f2b91df,00000000,98c0a8c0,00004c2b> target=all timeout=none action=drop log=regular source=cidr:107.6.171.0/24 pkt-rate=0 service=any
operation=add uid=<5f87b0fa,00000027,98c0a8c0,0000770d> target=all timeout=none action=drop log=regular source=cidr:107.6.171.0/24 pkt-rate=0 service=any
operation=add uid=<5f964086,00000027,98c0a8c0,0000128e> target=all timeout=none action=drop log=regular source=cidr:107.6.171.0/24 pkt-rate=0 service=any
operation=add uid=<5f4da80f,0000001e,98c0a8c0,000036b0> target=all timeout=none action=drop log=regular source=cidr:107.6.171.0/24 pkt-rate=0 service=any
operation=add uid=<5f68113e,00000022,98c0a8c0,000079ca> target=all timeout=none action=drop log=regular source=cidr:107.6.171.0/24 pkt-rate=0 service=any

And the problem is that the moment I try to remove one of these UIDs another one is immediately added but with another UID.

I mean, I can't remove them one by one. I haven't tried to remove all UIDs in a batch but it does seems to me like something is not working properly here... 

R80.40 T83

0 Kudos
0 Replies