It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

What do the firewall history entries 'Rate Limit Exceeded' and 'Block Size Limit Exceeded' mean on the Barracuda NG Firewall?

  • Type: Knowledgebase
  • Date changed: 2 years ago
Solution #00005138
 
Scope:
This solution replies to:
- NG Firewall firmware versions 4.2.x,5.0.x, 5.2.x
- netfence firmware versions 4.2.x

 
Symptoms:

What is the meaning of the following firewall history entries? How can the this limits be changed?


"Block Size Limit Exceeded(associated with Event-ID 4012 - "FW Large ICMP Packet Dumped")

"Rate Limit Exceeded (associated with Event-ID 4002 - "FW Flood Ping Protection Activated")


 

Solution:

The entry "Block Size Limit Exceeded" indicates that maximum ping size (default: 10000 bytes) has been reached.
The entry "Rate Limit Exceeded" indicates that the configured minimum offset between solitary pings (default: 10 ms) has been under-run.

The effective default values are configured in the ICMP (Global) object of a firewall rule set.

1) To change these values browse to "Config" > "Box" > "Virtual Servers" > "<Servername>" > "Affected Services" > "<Servicename>" > "Forwarding Rules" > "Services Objects".

 

2) Edit the ICMP (Global) Object.

 

3) The following parameters in the ICMP Echo section influence the described Access Cache entries:


        - Increasing the "Max Ping Size" value will most probably reduce "Block Size Limit Exceeded" entries.
        - Decreasing the "Min Delay" value will most probably reduce "Rate Limit Exceeded" entries. 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Link to This Page:
https://campus.barracuda.com/solution/50160000000IKYtAAO