Did the symptoms go away after the restart? If not the it looks like time to do an fw mon or tcpdump.
Christian > -----Original Message----- > From: Mailing list for discussion of Firewall-1 > [mailto:[EMAIL PROTECTED] On Behalf > Of Cem Akbas > Sent: Thursday, April 14, 2005 11:59 AM > To: [email protected] > Subject: Re: [FW-1] Need Help > > Hi Christian, > > It is already included. It is where i follow the dropped > connections and understand that it is dropped by the last rule... > > > On 4/14/05, Christian Chiaverini <[EMAIL PROTECTED]> wrote: > > Is the logfile stating the drop is from the last rule? If not, can > > you include it? > > > > > > Christian > > > > > > > -----Original Message----- > > > From: Mailing list for discussion of Firewall-1 > > > [mailto:[EMAIL PROTECTED] On > Behalf Of Cem > > > Akbas > > > Sent: Thursday, April 14, 2005 10:41 AM > > > To: [email protected] > > > Subject: Re: [FW-1] Need Help > > > > > > Hi, > > > > > > For example : > > > My 2nd rule is : > > > Source:ANY Dest:1.11.x.x Serv:HTTP Act : ACCEPT . > > > . > > > . > > > And the last rule is > > > source any Dest any Serv Any Act :drop > > > > > > Someone try to connect my 1.11.x.x server from http but > my firewall > > > passes the 2nd rule and drops this connection from the last rule. > > > > > > I think it is because of memory leak. When i look from " fw ctl > > > pstat " : > > > > > > Total memory bytes used: 64683000 unused: 6620168 > > > (9.28%) peak: 64982960 > > > Total memory blocks used: 16362 unused: 1028 (5%) > > > peak: 16363 > > > > > > and then it begins to cut connections. > > > > > > After i restart CP it becomes %54 unused memory.... > > > > > > Any idea? Thanks in advance... > > > > > > ================================================= > > > To set vacation, Out-Of-Office, or away messages, send an > email to > > > [EMAIL PROTECTED] > > > in the BODY of the email add: > > > set fw-1-mailinglist nomail > > > ================================================= > > > To unsubscribe from this mailing list, please see the > instructions > > > at http://www.checkpoint.com/services/mailing.html > > > ================================================= > > > If you have any questions on how to change your subscription > > > options, email [EMAIL PROTECTED] > > > ================================================= > > > > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, send an email to > > [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, please see the > instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > subscription options, > > email [EMAIL PROTECTED] > > ================================================= > > > > ================================================= > To set vacation, Out-Of-Office, or away messages, send an > email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your subscription > options, email [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
