Hi there,
check to see that you are not using a "Bad" address translation rule.
it seems that when you are using a "big" network ( like 10.0.0.0/8 ) and
divide this network to smaller ones ( like a CID 24 networks ) and use those
subnets in a group and NAT that group, the firewall will use up allot
of memory to parse those rules ( hence the message you got )
to solve this problem do.
1. add more memory to be used by the Kernel module ( I know how to do that
in Solaris and NT but for Linux I guess you will need to hit the books ).
2. If you have such a "Bad" address translation rule as I described then
use super net in your rule.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
[EMAIL PROTECTED]
Sent: Wednesday, September 20, 2000 10:37 AM
To: [EMAIL PROTECTED]
Subject: [FW1] kmalloc problem in Linux
Hi,
We have some problems with a CP2000-SP2 (gateway/server module) when
installing and running a rulebase. Management server located on another
box.
When FW-1 downloads the policy and installs we get this error message in
the log: "FW-1: b_getvals: fw_kmalloc(982056) failed". The message repeats
a couple of times.
Is there a fix for this? Or is this a problem that could be ignored if the
messages stops coming after a while.
regards,
Bjorn Jansson
Cell Network Sweden AB
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
