Hey gurus, We've an ip440 with ipso 3.3 and 4.1 SP3.
Last Thursday night after adding a new firewall object and the associated rule, NAT, ARP and static info, I installed the policy and then rebooted the FW via the voyager interface (I've had probs b4 with arp settings not taking sometimes). After the reboot performance had taken a big hit, especially file sharing and web serving. I reinstalled the prior policy with no effect. Performance has degraded markedly. The last policy change b4 this was 2 months earlier, and the FW has been rebooted a few times since then with no problem. Then today while searching for the cause l found the following error message: "Sep 23 14:09:52 fw1001 [LOG_CRIT] kernel: ex_expire: c6e58a58 (data: c6e58a2c) ld_del failed to ex_remove !" Searching through the archives l see that this is caused by a bug in flows fixed by installing SP5. Can anyone confirm if this is so? Could this be the cause of my sudden degraded performance? Also l decided to do a fwstop/fwstart to see if this would clear some tables, and maybe improve the fw performance. The moment l did the fwstop, my ssh session froze. When l investigated the box l found it in the process of rebooting. Very disturbing. Though performance did improve somewhat, the reboot was very disturbing. Has anyone else experienced this problem? Could the crash/reboot have been related to the performance issues? Thanks for any help or advice. Al ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
