Topic: Monowall needs reboot or reset nat/firewall tables after +/- 1 week  (Read 4081 times)
« on: November 03, 2009, 15:19:21 »
anvar *
Posts: 3

Hello,

I've been a monowall user for quite some time now and I have an odd little problem.
Every week I have to reboot my monowall or reset my firewall/NAT tables because I'm getting packet drops.
Mostly on inbound traffic; when the problem grows (no reset) it also spreads to outbound traffic.

A little overview of my configuration:
ALIX board with CF & 3 NICS
WAN: DHCP ISP broadband (port blockage on every port below 1024)
LAN: DHCP 192.168.2.0/24
OPT: test NIC, tried captive portal & DMZ. No use now for the 3 NIC

In my network I have a mail & webserver. But because my provider blocks the ports, I work with the PAT & NAT functions. So the NAT rules are:
Port 2525 -> internal ip port 25
web 8080 -> internal ip 80
and then some imap4, POP3 & other ports
Always created auto firewall rules.

I don't use traffic shaping...
Does anyone have an idea why I have to keep resetting my Monowall?
« Reply #1 on: November 04, 2009, 02:02:02 »
knightmb ****
Posts: 341

Only two things come to mind. Failing hardware or hardware compatibility problems. I've got m0n0wall machines out in the field with 400 days of uptime and no problems. I've also seen some that seem to crash every other day and just ditched the hardware for a replacement to solve the problem.

Since you may not have that option, try changing out hardware (video, NIC cards, etc.) and zero in on what the issue may be. I would even try swapping some RAM around just in case.

Radius Service for m0n0wall Captive Portal - http://amaranthinetech.com
« Reply #2 on: February 06, 2010, 10:42:23 »
runordie *
Posts: 5

I'm having a similar problem. After exactly 1 week clients with DHCP addresses are unable to pass through the firewall. Of course, rebooting the firewall resolves the issue. It seems that traffic stops passing after the DHCP lease has reached 1 week. We don't get phone calls all at the same time. We get them one after the other, as if they are all being disconnected in the order they connected a week ago.

I'm running 1.235 on a new Perimeter Firewall http://www.logicsupply.com/products/perimeter_r and we've had the problem since we deployed the firewall. Any ideas would be greatly appreciated, and we will be looking into hardware issues.
« Reply #3 on: February 06, 2010, 23:00:41 »
bombcar *
Posts: 22

Is there anything in the logs while it is running? Perhaps something about DHCP crashing? Illegal ARPs? Rogue DHCP servers?

My m0n0walls have been doing quite fine.
« Reply #4 on: February 10, 2010, 10:19:27 »
runordie *
Posts: 5

There is nothing in the logs that is throwing a red flag. No rogue DHCP servers, nothing. How do I turn up logging to see more activity?

In the meantime I've ordered a second piece of hardware. Hopefully this will fix the problem. At the same time, I'll be waiting on Friday at 5 pm, one week after the last reboot, to see if it blocks traffic.

Bombcar, all my other Monowalls are running great also. Curious to see how this turns out.
« Reply #5 on: February 15, 2010, 02:15:06 »
brushedmoss ****
Posts: 446

Check the DHCP log. Go to /exec.php and execute

cat /var/log/dhcpd.log
