|
||||||||||
We should have no p2p going on. This last reboot took 3 hours to fill up. Once the reboot is completed, we end up with md0c at 94%. We are at a loss. Does anyone have any ideas? Thanks Dwane -----Original Message----- From: Chris Buechler [mailto:cbuechler at gmail dot com] Sent: Friday, August 03, 2007 2:38 PM Cc: Monowall Support List Subject: Re: [m0n0wall] Support Questions On 8/3/07, Atkins, Dwane P <ATKINSD at uthscsa dot edu> wrote: > I actually have about 200 students on our m0n0wall between like 11 AM to > 1 PM. Md0c hot 100 %. When you are referring to states, you are talking > about all entries combined. I mean, the firewall state, the DHCP > address, etc..? No, we're talking about firewall states. Each open connection maintains a state. One SSH session to an outside server is one state. Loading a typical web page can be 10-30 states (one connection for the page itself and one per image), though those should close quickly and hence tend to not have much effect. A P2P application that is communicating with multiple sessions to hundreds of hosts can take thousands of states at any given time. A single worm infected host spewing crap onto the Internet can easily exhaust the state table because they leave states hanging waiting for replies from scanned hosts that aren't alive or are firewalled. 200 users, as long as they aren't all using P2P and there aren't any worm infected hosts, isn't going to exhaust a 30,000 state table with your typical web browsing, email, etc. -Chris --------------------------------------------------------------------- To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch |