deny-flow-max n
Specifies the maximum number of concurrent deny flows that can be created. (Syslog message 106101 is generated when the firewall has reached the maximum number, n, of ACL deny flows.)
For a firewall with greater than 64 MB Flash memory, the value can be from 1 to 4096, with a default value of 4096. For a firewall with greater than 16 MB Flash memory, the value can be from 1 to 1024, with a default value of 1024. For a firewall with less than or equal to 16 MB Flash memory, the value can be from 1 to 256, with a default value of 256.
alert-interval secs
Specifies the time interval, from 1 to 3600 seconds, for generating syslog message 106101, which alerts you that the firewall has reached a deny flow maximum. In other words, when the deny flow maximum is reached, another 106101 message is generated if has been at least secs seconds since the last 106101 message.
If this option is not specified, the default interval is 300 seconds.