Sorry, let me clarify something. The problem where I see this is a Windows 2003 server standalone. I also have Nokia firewalls. Will this put a strain on the nokia's?
-----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Quick, Richard A. Sent: Wednesday, April 13, 2005 8:06 AM To: [email protected] Subject: Re: [FW-1] FW1: FW-1: fw_conn_inspect: fwconn_chain_lookup failed Is this debug something that can be run during production hours? Will it put a strain on my Nokia? -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Rajeev Gupta Sent: Tuesday, April 12, 2005 5:42 PM To: [email protected] Subject: Re: [FW-1] FW1: FW-1: fw_conn_inspect: fwconn_chain_lookup failed Are you seeing actual traffic issues? This might be a harmless message in case your firewall is under heavy load - there is sk26050 to look at for the solutions that can be attempted but in case you really have traffic drops, it may be worthwhile to debug at the kernel level, run fw monitor and find out the packets origin that may be failing to find a matching entry in the connections table and generating these messages. In R55, you can run the following command to do kernel level debug of your traffic: fw ctl zdebug + conn link drop > <filename> Do ctrl+c to terminate the debug after you have seen these this message. (so do the debug when almost 14 and a half minutes have passed and you are expecting a message so that the file does not grow too big but at the same time is able to capture the interested traffic). Look through the file to decipher your IP addresses throwing this message and find the reason why that particular packet is not finding the match in the entry - you might not be allowing that traffic or there is some possibility of corrupted/malformed packet? hth, Rajeev On 4/12/05, Quick, Richard A. <[EMAIL PROTECTED]> wrote: > > I have an NG AI R55 HFA13 standalone firewall running on Windows 2003 > where I'm seeing the message below. The message repeats itself every 15 > minutes. Does anyone know what issue might cause this? I found > information regarding different versions but not NG AI R55. > > FW1: FW-1: fw_conn_inspect: fwconn_chain_lookup failed > > Thanks, > Rick > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
