Lately I have been experiencing a weird problem with FW1 4.1 SP2. Its seems that at random intervals it refuses to accept any new connections. When you try to telnet to something behind the firewall you see the Checkpoint banner come up and then immediately drops the connection. Logging completely stops, but all existing established connections are unaffected. The processes show all of the necessary FW1 daemons are running. Below are the fw ctl pstat results:
Hash kernel memory (hmem) statistics: Total memory allocated: 3145728 bytes in 767 4KB blocks using 1 pool Total memory bytes used: 264616 unused: 2881112 (91%) peak: 529348 Total memory blocks used: 91 unused: 676 (88%) Allocations: 41879144 alloc, 0 failed alloc, 41874388 free System kernel memory (kmem) statistics: System physical memory: 255680512 bytes Available physical memory: 35708928 bytes Total memory bytes used: 4218200 peak: 4490283 Allocations: 80123 alloc, 0 failed alloc, 76614 free, 0 failed free Inspct: 453734613 packets, -1813445508 operations, 280380962 lookups, 432406705 record, -1614149889 extract Cookies: 1393585056 total, 0 alloc, 0 free, 12188405 dup, 1467523692 get, 27411008 put, -1051224271 len, 0 chain alloc, 0 chain free Fragments: 356 fragments, 126 packets, 0 expired, 0 short, 0 large, 0 duplicates, 0 failures Encryption: 0 encryption, 0 decryption, 0 short, 0 failures Translation: 13628266/695717697 forw, 13572063/697856790 bckw, 27200240 tcpudp, 89 icmp, 362210-362051 alloc Now the weird thing is that everything returns to normal when I push a policy, even if I have not made any changes. Any feedback or advise on this issue would be appreciated. Thanks. =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
