I've been fighting a problem with my OpenBSD firewall for a few days now. The system is a 1 GHz Pentium processor with 512 meg of RAM. It's running as a transparent bridged firewall doing nothing but packet filtering.

The problem I run into is that it will suddenly stop processing and my internet connection drops. I'll have a ping running against an external site and the firewall might stop processing packets for 2 or 3 minutes and then it starts working again. Then it may run for 20 minutes and stop working for 5 minutes. It may run 8 or 10 hours without any problems and then suddenly it gets flaky for an hour or two where I have to keep rebooting to keep it processing.

The system ran for a year prior with no such problems. I have tried installing OBSD 3.4, OBSD 3.6 and OBSD 3.7 (which I'm currently running on). It has done it on all 3 versions of OBSD. I even built a new, temporary firewall on a completely different machine and the same thing happened. It doesn't seem to be a hardware problem.

The firewall sits behind a Cisco 2610 router, which means a 10 meg Ethernet connection coming into the firewall. If I remove the firewall I can watch the pings and they never miss a beat. It is definitely the firewall that stops processing packets.

netstat -m shows plenty of available clusters (66% in use at peak). The packet filter table shows 600 packets per second around the time that it fails. CPU usage is very low with plenty of RAM available.

Has anyone heard anything about any worms or DoS attacks happening which might account for this? The problems predominantly happen late evening or in the middle of the night.

Thanks,
Dave