It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Web Security Agent

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Firewall Policy Manager

Cloud-to-Cloud Backup

Server Backup (Yosemite)

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup

MSP – Partner Management

MSP Knowledge Base

Site Security Scanner

MSP – Partner Sales Enablement

NextGen Firewall X

Campus Help Center / Reference

Support Services

Network Security

Barracuda NextGen Firewall X

Overview Documentation Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Web Security Agent

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Firewall Policy Manager

Cloud-to-Cloud Backup

Server Backup (Yosemite)

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup

MSP – Partner Management

MSP Knowledge Base

Site Security Scanner

MSP – Partner Sales Enablement

NextGen Firewall X

Campus Help Center / Reference

Support Services

Network Security

Login Sign Up Contact & Support

United States – English (GMT-5)

Back to Knowledgebase

What do the firewall history entries 'Rate Limit Exceeded' and 'Block Size Limit Exceeded' mean on the Barracuda NG Firewall?

Type: Knowledgebase
Date changed: 3 years ago

Solution #00005138

Scope:

This solution replies to:
- NG Firewall firmware versions 4.2.x,5.0.x, 5.2.x
- netfence firmware versions 4.2.x

Symptoms:

What is the meaning of the following firewall history entries? How can the this limits be changed?

"Block Size Limit Exceeded" (associated with Event-ID 4012 - "FW Large ICMP Packet Dumped")

"Rate Limit Exceeded" (associated with Event-ID 4002 - "FW Flood Ping Protection Activated")

Solution:

The entry "Block Size Limit Exceeded" indicates that maximum ping size (default: 10000 bytes) has been reached.
The entry "Rate Limit Exceeded" indicates that the configured minimum offset between solitary pings (default: 10 ms) has been under-run.

The effective default values are configured in the ICMP (Global) object of a firewall rule set.

1) To change these values browse to "Config" > "Box" > "Virtual Servers" > "<Servername>" > "Affected Services" > "<Servicename>" > "Forwarding Rules" > "Services Objects".

2) Edit the ICMP (Global) Object.

3) The following parameters in the ICMP Echo section influence the described Access Cache entries:

- Increasing the "Max Ping Size" value will most probably reduce "Block Size Limit Exceeded" entries.
- Decreasing the "Min Delay" value will most probably reduce "Rate Limit Exceeded" entries.

Link to This Page:

https://campus.barracuda.com/solution/50160000000IKYtAAO

Additional Resources

More

Print Share Page