On 3/20/06, luke <[EMAIL PROTECTED]> wrote: > what does netstat -m say? >
312 mbufs in use: 307 mbufs allocated to data 1 mbuf allocated to packet headers 4 mbufs allocated to socket names and addresses 307/322/6144 mbuf clusters in use (current/peak/max) 740 Kbytes allocated to network (93% in use) 0 requests for memory denied 0 requests for memory delayed 0 calls to protocol drain routines I have a further data point; this started happening when I switched to policy-based filtering (i.e. using tags extensively). I also have a few rules which only retag traffic (i.e. LAN_TO_WAN gets retagged as PASS), which may be unusual enough to explain how other people are not having this problem. I'm going to experiment further. -- Security Guru for Hire http://www.lightconsulting.com/~travis/ -><- GPG fingerprint: 9D3F 395A DAC5 5CCC 9066 151D 0A6B 4098 0C55 1484