Hi all, I've got a strange problem on my fw, here's my lan: Fw with 3 eth eth0: external router eth1: internal LAN eth2: DMZ During the day, sometimes happens that the fw stop accepting incoming SYN packet (and I can't establish a new connection) for 15 min. mantainig instead the ESTABLISHED connection. I've disabled syn-floodin protection in kernel, I've tried flushing rules, raised kernel buffers, looked inside /proc/net/ip_conntrack finding nothing strange. My client coming from Internet can't see my website, or a LAN client can't connect to internet or DMZ. During this "ban" time (15 min.) it seems I can't do nothing restoring connections. Also it seems that my fw "ban" not all the net, but some client. Any ideas? Thanks my sys: rh9, kernel 2.4.20-30.9 (latest official patch) my hw: 2cpu PIII Xeon + 1,5gb RAM -- ~~~~ Domenico Gargano [Network Administrator] ~~~~ Planetek Italia s.r.l. :tel:+39 080 5343750 Via Massaua, 12 - I-70123 BARI :fax:+39 080 5340280 ~~~ email: gargano@xxxxxxxxxxx ~~~ www.planetek.it ~~~
