hi all, im in the process of changing my fw machine for that atm im simulating and testing. I got a very fair question 1) How much RAM and and processor would be best for moderate firewall box? Unfortunatly currently my company running the fw on a P-III 500MHz with 128MB of RAM. I am wondering if I change to default DROP things (atm its default ACCEPT) aren't these specification kinda makes problem? right now 75 users online the /proc/net/ip_conntrack shows egrep 'ESTABLISHED|ASSURED' /proc/net/ip_conntrack | wc -l 4888 cat /proc/net/ip_conntrack | wc -l 6511 well these number would probably little higher when 120 users online. Is my current fw machine specs adequate for such ip_conntrack load? regards Askar (after bouncing head on desk for days trying to get mine working, I'll make your life a little easier)
