[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW1] Rule compliation Problem
Sorry about the subject line on the previous post. The mail
interface failed to read my mind <g>.
I'm trying to add another rule, but when I do the ruleset won't compile.
This rule needs to allow 4 hosts to ftp one 1 host. I was able to add
the rule, but only with 1 inbound host. If I add a second (or third
or fourth) host, it no longer compiles, and fails with the
can't file host_list29
When I read the .pf file, I can find host_list29 just fine,
it's defined properly and referenced in the rules. The
contents of host_list29 change as a try various permutations,
it isn't always the hosts I'm trying to add to the rule.
My firewall is FW-1 3.0b-3072 running on Solaris 2.6. I now
have 58 rules (it's a departmental firewall with 5 interfaces).
Unfortunately I only have 64 megs of ram (I have a new server on
my desk to replace it, but it's not quite ready).
Any ideas why the compliation fails? Am I running out of
Can I copy the fw directory to another system and
run /etc/fw/bin/fw xxx (like compile, and log export) without
licensing it (i.e. offload heavy processing other than the
fwd to a server with spare capacity)? Debugging suggestions?
I have called my VAR, but their support is currently in
flux, and they don't appear to be able to help at the
Any help will be greatly appreciated.
Get free e-mail and a permanent address at http://www.amexmail.com/?A=1
To unsubscribe from this mailing list, please see the instructions at