Shorewall users - Apr 2006 - Broadcast connection tracking?

Hope this is not an FAQ.

When I look at the output of "shorewall show connections"
I see a lot of broadcast addresses like 255.255.255.255
and also 10.1.1.255 (local network). Is that on purpose? 
It seems like a waste of resources to me. I guess the
connection tracking has a limit. Should I be worried?

To avoid cluttering up this forum i''ve put the output
on http://www.xs4all.nl/~rvdm/connections.txt

Ronald

--
Ronald van der Meer | Senior Software Engineer
 
Adlib Information Systems
P.O. Box 1436 | 3600 BK Maarssen | The Netherlands
Tel. +31 (0)30 - 2411885 | Fax. +31 (0)30 - 2412568
http://www.adlibsoft.com | mailto:r.vdmeer@adlibsoft.com

On Wednesday 05 April 2006 02:15, Ronald van der Meer
wrote:
> Hope this is not an FAQ.
>
> When I look at the output of "shorewall show connections"
> I see a lot of broadcast addresses like 255.255.255.255
> and also 10.1.1.255 (local network). Is that on purpose?
> It seems like a waste of resources to me. I guess the
> connection tracking has a limit. Should I be worried?
No -- since broadcast connection tracking really doesn''t work, those
entries
are available for reuse any time they are needed.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key