>
>Hello.
>
>I am using NetBSD-1.6 in a i386 box.
>I use both IPFilter and IPNAT since 1.5.2, and have had this problem since 
>back there.
>
>After some time of heavy network activity (as easily created by P2P 
>programs like eMule) IPFilter goes nuts:
>New network connections cannot be estabilished (not even nslookup)
>Existing connections choke, and hardly pass on any data
>When doing ipfstat I get things like
>packet state(out):      kept 12812      lost 2802223
>
>The only way I've found to solve temporarily the problem is to 
>/etc/rc.d/ipfilter restart.
>
>The rules have changed in time, I guess it's not because of ruleset?
>I know for sure it's not the processor, as it hardly gets over 50% used.
>
>Does anyone have any idea?
>Ruleset available to those who want it :)

Look into QoS so you can set priorities on bandwidth usage. It seems to 
me that you are running into bandwidth limitation problems