A lot of the memory 'eating' in Netfilter is from storing runtime information about active connections when you are NATing connections, which I imagine you are. To reduce the memory glut in Netfilter, I would say use fewer connections :-) or else limit the time that connections stay in the system. Mind you, if you shrink them too much, you will get dropped connections during normal operations. I would say that 32MB is very limited. You may want to scalp any and everything else on the machine. You can save up a decent chunk of mem by just shutting down crap. For a firewall machine, this is pretty obvious. Maybe I am not the best to describe this. I have a memory leak somewhere in my setup that leads to a reboot every month, and I have 256 MB.
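An added example, not part of the original post: a shell sketch that reads the connection-tracking slab line in `/proc/slabinfo` layout, reports the memory its entries hold, and derives an entry cap for a memory budget. The sample text and the 4096 KiB budget are constructed; the sysctl name is the one current kernels use (an assumption about the reader's kernel, older ones expose the same limit under `ip_conntrack` names).

```shell
#!/bin/sh
# Constructed sample in /proc/slabinfo (version 2.1) layout; not real measurements.
SAMPLE_SLABINFO='slabinfo - version: 2.1
# name            <active_objs> <num_objs> <objsize> <objperslab> <pagesperslab>
nf_conntrack        18000  20000    320   12    1 : tunables 0 0 0 : slabdata 1667 1667 0
dentry              41000  42000    192   21    1 : tunables 0 0 0 : slabdata 2000 2000 0'

# KiB held by conntrack entries: num_objs * objsize from the slab line on stdin.
# Prints 0 when no conntrack slab is present (module not loaded).
conntrack_kib() {
    awk '$1 == "nf_conntrack" || $1 == "ip_conntrack" {
             printf "%d\n", ($3 * $4) / 1024; found = 1
         }
         END { if (!found) print 0 }'
}

# Size in bytes of one tracked connection (the objsize column).
conntrack_objsize() {
    awk '$1 == "nf_conntrack" || $1 == "ip_conntrack" { print $4; exit }'
}

# Largest entry count that fits in a budget: budget_kib * 1024 / objsize.
max_entries_for_budget() {
    echo $(( $1 * 1024 / $2 ))
}

# Use a readable slabinfo file given as $1 (root is needed for /proc/slabinfo),
# otherwise fall back to the constructed sample above.
if [ -r "${1:-}" ]; then data=$(cat "$1"); else data=$SAMPLE_SLABINFO; fi

size=$(printf '%s\n' "$data" | conntrack_objsize)
if [ -n "$size" ]; then
    echo "conntrack slab: $(printf '%s\n' "$data" | conntrack_kib) KiB"
    cap=$(max_entries_for_budget 4096 "$size")
    # Printed, not applied: review before changing a live firewall.
    echo "cap for a 4096 KiB budget: sysctl -w net.netfilter.nf_conntrack_max=$cap"
fi
```

Shorter timeouts reduce how long each entry occupies a slot, while the cap bounds the worst case; a cap set too low produces the dropped connections the post warns about.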