[EMAIL PROTECTED] said:
> 135 is closed in both directions. However, I get the message "Neighbour
> table overflow" on the firewall (debian stable w/ kernel 2.4.27) and the
> entire network comes to a standstill. The cpu load isn't even close to a
...
> Should it really be possible for a single infected windows machine to dos
> a linux firewall? Please tell me it's not true and there's just something
> I'm overlooking. I'm at my wits end here and don't even know what to try
> next. So any pointers are much appreciated.

The entire neighbor cache was completely rewritten recently, and I believe it was prompted by exactly this sort of situation. That work will be released as part of linux 2.6.9, iirc. There's also a backport pending for 2.4, though probably not 2.4.28. Check out this thread:

http://thread.gmane.org/gmane.linux.network/16302

Jason