So I am working on a project to help a friend, and while running nmap 
with the following syntax:
 "nmap -sS -P0 -O -sV -p0-65535"  I locked up m0n0wall running 1.3b4.  
Repeating the experiment, but this time monitoring the firewall, I 
observed the CPU spike to 75%, the state table grow huge, and the memory 
usage climb to 30% before the firewall locked up.  Killing the nmap 
process and then waiting for the states to clear makes the firewall 
happy, but it is still stuck with 30% memory used from 11% on my config 
on a soekris 8501 with the extra memory.  (256MB I think.)  I was able 
to repeat this at will, so it seems to be quite constant. 

I have rolled back to 1.3b3 and rerun the nmap and I see the following 
system performance differences:  Memory usage only climbs to 24% during 
the test, which remains "lost" even after the nmap scan is completed.  
(Not sure when this is cleaned up normally as I haven't been watching 
CPU stat all that closly in the past. This could be normal for all I 
know, with clean up happening in an hour or so.) CPU usage stays between 
25-40% and the state tables don't seem to get filled up and all returns 
to normal after the nmap scan is complete.  E.g. most notable the 
firwall keeps processing new states and operates in all other 
capacities, and of course the scan completes as required. 

I don't see anything in the change notes from 1.3b3 to 1.3b4 that might 
cause this.  Any ideas on what to look for so I can perhaps provide more 
info on this, and can someone recreate this issue on your end? Thanks!

-F