Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

re: [FW1] Resource Problem

To: <[email protected]>
Subject: re: [FW1] Resource Problem
From: "Jon Vandiveer" <[email protected]>
Date: Wed, 10 Jan 2001 17:36:21 -0500
Reply-to: "Jon Vandiveer" <[email protected]>
Sender: [email protected]

It is always comforting to know that for all of the security we preach.....
(patches/updates/etc)
there are still FW's out there running with no patches and updates


:)

ahh job security



Date: Wed, 10 Jan 2001 12:40:38 -0600
From: [email protected] (Boyd Nation)
Subject: [FW1] Resource Problem

I have a firewall which has been running nicely for years and has suddenly
decided to choke.  Here is the identifying information:

OS:  Solaris 2.6
FW-1 Version:  4.0 SP 1

Symptoms:

Logging stopped.  NFS traffic (*) stopped being allowed through.  The
following messages began to appear in /var/adm/messages:

Jan  8 09:14:01 ems-fw01 unix: FW-1: log message queue is full
Jan  8 09:15:12 ems-fw01 unix: FW-1: lost 512 log/trap messages
Jan  8 09:15:12 ems-fw01 unix: FW-1: log message queue is full
Jan  8 09:17:26 ems-fw01 unix: FW-1: lost 512 log/trap messages

The following message began appearing by the thousands in fwd.log:

fwd: fwdom: Failed to create pipe: Too many open files

In addition, I got the following in fwd.log:

fwd: Can't open database/rules.C: Too many open files

After following Checkpoint support's suggestion to increase the size of
the log message queue, the message changed regarding the number of
messages lost, but the other symptoms remained the same, with the addition
of thousands of the following in fwd.log:

fwd: fwauthd: socketpair(AF_UNIX, SOCKETPAIR): Too many open files

After a reboot, everything functions properly for around an hour, then the
problems reliably start.

Checkpoint's next suggestion is to upgrade.  I'd prefer to avoid this for
now, for a variety of reasons, so I thought I'd ask here first to see if
anyone had any ideas.  I'm probably running out of some system resource,
but I can't figure out what.  Any ideas for where to look next?

- --
Boyd Nation         Energy Management Systems Services     Southern Company
[email protected]:================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] Raptor to FW1
Next by Date: RE: [FW1] Freeware/shareware scanner to do an analysis against my FW-1
Previous by thread: [FW1] Resource Problem
Next by thread: RV: [FW1] MS-SQL
Index(es):
- Date
- Thread