Snort mailing list archives

Reset Counters


From: "Bob McDowell" <bmcdowell () coxhealthplans com>
Date: Thu, 23 Jan 2003 14:56:27 -0600


Bring on the penalty drinks, but I need help.

True or False: 'USER overflow' rules are triggered by the same IP passing
too many 'USER' commands from the same IP within a specified amount of time.

At first I thought this was how this worked.  Testing certainly seemed to
prove it out to be so.  If this is the case, I need to allow more
consecutive attempts before I send a 'resp' packet.

In researching the rule (specifically the FTP USER overflow rule) I can't
find anything that relates to my observation.  From looking at the rule, it
seems to examine the content of each packet - and not have anything to do
with the number of tries.

Thus, confusion ensues.

Any help would be greatly appreciated.  Also anything written more clearly
than the 'How to Write..' that might explain this would be great.  Maybe I'm
just tired, but it is giving me a headache.



Bob McDowell
IS Specialist
Cox HealthPlans, LLC
417.269.2848

