[FW-1] Memory and FTP Issue about NG FP3

[XIONG,TONY (HP-China,ex1) [Permanent Link]]

Hello,

I met very strange issues in a system which includes SVN and secure clients
running on secure platform.
One is memeory issue. The following is information from free command. Pls
pay attention to the memory usage of dtps process, it's almost 2140M virtual
memory and 450M physical memory. The system has run for one month. My 2G
memory will run out.

# free
             total       used       free     shared    buffers     cached
Mem:       2059196    2054076       5120          0      43064     127964
-/+ buffers/cache:    1883048     176148
Swap:      2040244    2040068        176

# top
  8:28am  up 47 days,  9:54,  1 user,  load average: 0.44, 0.45, 0.39
89 processes: 87 sleeping, 2 running, 0 zombie, 0 stopped
CPU0 states:  2.0% user, 21.0% system,  0.0% nice, 76.3% idle
CPU1 states:  1.2% user, 22.1% system,  0.0% nice, 76.0% idle

  PID USER     PRI  NI  SIZE  RSS SHARE STAT %CPU %MEM   TIME COMMAND
  836 root       9   0 2140M 450M  2724 S     0.0 22.4   2:51 dtps
 1005 root       9   0  312M  68M  1236 S     0.0  3.3   2:36 fgd50
 1014 root       9   0  312M  68M  1236 S     0.0  3.3   0:01 fgd50
 1015 root       9   0  312M  68M  1236 S     0.0  3.3   0:00 fgd50
  695 root       9   0 31304  25M  9632 S     0.0  1.2  14:05 fwm
  743 root       8   0 31304  25M  9632 S     0.0  1.2   0:00 fwm
  744 root       9   0 31304  25M  9632 S     0.0  1.2   0:00 fwm
  745 root       9   0 31304  25M  9632 S     0.0  1.2   0:00 fwm
  746 root       9   0 31304  25M  9632 S     0.0  1.2   0:00 fwm
25318 root       9   0 31304  25M  9632 S     0.0  1.2   0:00 fwm
  924 root       9   0 30552  20M  2796 S     0.1  1.0  16:09 netsod
  967 root       9   0 30552  20M  2796 S     0.0  1.0   0:01 netsod
  968 root       9   0 30552  20M  2796 S     0.0  1.0   0:00 netsod
 4184 root       9   0 24716  17M  5900 S     0.0  0.8   2:39 cplmd
 4187 root       8   0 24716  17M  5900 S     0.0  0.8   0:00 cplmd
 4188 root       9   0 24716  17M  5900 S     0.0  0.8   0:00 cplmd
 4189 root       9   0 24716  17M  5900 S     0.0  0.8   0:03 cplmd
  584 root       9   0 19332  14M  7008 S     0.0  0.7  11:25 cpd

Another issue is about ftp. I transfered file  from internel network to DMZ
netowrk, after transfering several files, FW hung my connection. If I send
one very big file, it's ok. Why doesn't cp let me transfer multiple files. I
have changed several kinds of ftp softwares. I unchecked all items about ftp
in smartdefense. But it's the same. Following is error information.
Number:       429
Date:         6Jun2003
Time:         13:57:02
Product:      VPN-1 & FireWall-1
Interface:    eth3
Origin:       hqfw1
Type:         Log
Action:       Reject
Service:      ftp
Source:       it04-lds
Destination:  61.153.244.186
Protocol:     tcp
Source Port:  3064
Information:  reason: tried to open a known service port,
  protocol: tcp
  port_svc: netshow


Could someone help me resolve these issues？ Thanks in advance.


Best Regards,

 Tony



=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================