Subject: Re: ipf behaving strangely
To: Jaap Boender <jaapb@kerguelen.org>
From: Manuel Bouyer <bouyer@antioche.eu.org>
List: netbsd-help
Date: 01/15/2002 21:21:04

On Tue, Jan 15, 2002 at 01:58:33PM +0100, Jaap Boender wrote:
> Hi all,
> 
> I have a very strange problem with ipf. Up till yesterday, it worked perfectly,
> but all of a sudden, I couldn't make any connection whatsoever. I think, from
> what ipmon reports, that the 'keep state' functionality didn't work as expected;
> in my setup, I basically pass all outgoing packets with keep state and block
> everything that comes in unless it's on a port with a service (ssh, http, etc).
> 
> When I just enter 'ipf -Fa', everything works again, so it must be ipf.

When it is hung, can you try an 'ipfstat -sl' and 'ipfstat -f'?
There is a (quite high) limit on how many states ipf can hold, maybe you're
reaching it.
It can be increased by a kernel compile, but I don't remember the #define
to change ...

-- 
Manuel Bouyer <bouyer@antioche.eu.org>