--- "John A. Novak" <jnovak@blueshiftinc.com> wrote:
> The system iptables is running on is used only as a
> firewall, has 512MB of RAM and three network
> adapters. The symptom I'm seeing is that every day
> or so I need to restart the iptables service to get
> packets moving through the firewall again. The
> system appears to have plenty of available RAM and
> plenty of free disk space when the firewall is
> dysfunctional.
>
> I am using NAT and have it configured to remap
> internal addresses to two ranges of external ip
> addresses, one for each of the two internal
> networks.
>
> The periodic failure and resurrection after restart
> is suggestive of a resource leak, but I'm at a loss
> as to how to proceed to further debug this problem.

When you say resource leak, are you referring to a
memory leak? I don't think that's the case. I'm only
using 64 MB of RAM on my FW and it works without
restart every day.

Coincidentally, does doing this change and make the
firewall start allowing packets through again... try
checking out the arp entries on the FW itself and see
if an arp problem exists.

=====
Kevin C. McConnell
--RHCE--
<Red Hat Certified Engineer>