We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda NextGen Firewall X

What do the firewall history entries 'Rate Limit Exceeded' and 'Block Size Limit Exceeded' mean on the Barracuda NG Firewall?

  • Type: Knowledgebase
  • Date changed: 5 months ago
Solution #00005138
 
Scope:
This solution replies to:
- NG Firewall firmware versions 4.2.x,5.0.x, 5.2.x
- netfence firmware versions 4.2.x

 
Symptoms:

What is the meaning of the following firewall history entries? How can the this limits be changed?


"Block Size Limit Exceeded(associated with Event-ID 4012 - "FW Large ICMP Packet Dumped")

"Rate Limit Exceeded (associated with Event-ID 4002 - "FW Flood Ping Protection Activated")


 

Solution:

The entry "Block Size Limit Exceeded" indicates that maximum ping size (default: 10000 bytes) has been reached.
The entry "Rate Limit Exceeded" indicates that the configured minimum offset between solitary pings (default: 10 ms) has been under-run.

The effective default values are configured in the ICMP (Global) object of a firewall rule set.

1) To change these values browse to "Config" > "Box" > "Virtual Servers" > "<Servername>" > "Affected Services" > "<Servicename>" > "Forwarding Rules" > "Services Objects".

 

2) Edit the ICMP (Global) Object.

 

3) The following parameters in the ICMP Echo section influence the described Access Cache entries:


        - Increasing the "Max Ping Size" value will most probably reduce "Block Size Limit Exceeded" entries.
        - Decreasing the "Min Delay" value will most probably reduce "Rate Limit Exceeded" entries. 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Link to This Page:
https://campus.barracuda.com/solution/50160000000IKYtAAO