Hello.

I am using NetBSD-1.6 in a i386 box.
I use both IPFilter and IPNAT since 1.5.2, and have had this problem since 
back there.

After some time of heavy network activity (as easily created by P2P 
programs like eMule) IPFilter goes nuts:
New network connections cannot be estabilished (not even nslookup)
Existing connections choke, and hardly pass on any data
When doing ipfstat I get things like
packet state(out):      kept 12812      lost 2802223

The only way I've found to solve temporarily the problem is to 
/etc/rc.d/ipfilter restart.

The rules have changed in time, I guess it's not because of ruleset?
I know for sure it's not the processor, as it hardly gets over 50% used.

Does anyone have any idea?
Ruleset available to those who want it :)

Thank you for your patience.
-- 
--- TLD
"There is no Good, one thorough, there is no Evil, there is only Flesh"
   [Pinhead]