• Subject: Re: Firewall cache error logs
  • From: "Michael Franchino" <frick@xxxxxxxxxxxxx>
  • Date: Thu, 3 Feb 2000 22:19:53 -0500

We had the same problem.. It took IBM a week to tell us that it was the
drive that got filled up... We increased the size to 500MB and haven't had
the
problem.. I will have to check with our firewall expert to see what he did..
We
are very dissatisfied with the firewall product and will probably replace it
soon..

I think you have to create a new drive of a greater size, and then re-attach
the
firewall to it.. IBM should have the instructions for this, it is a common
problem.


Have all sorts of problems with NAT at V4R4... IBM has been on our system
for 2 weeks and don't know why NAT stops working after 30 minutes. They
know the cause is the MTU size changes after a short while.. The MTU size
is set for 1500 on both interfaces, and after about 15 to 20 minutes, the
dirty side
interface changes to 1492 and the clean side to 1506, which causes the
firewall to
thrash to find a valid packet size.. Basically, the firewall times out all
internet HTTP
traffic.  The work around, go back to proxy serving..


Michael
----- Original Message -----
From: <jcrowley@ifasys.com>
To: <MIDRANGE-L@midrange.com>
Sent: Thursday, February 03, 2000 3:57 PM
Subject: Firewall cache error logs


>
>
> Any AS/400 Firewall experts out there?
>
> We have had a problem with firewall cache error logs filling up our
firewall K:
> drive -- this causes firewall logging to end, which shuts down the
firewall and
> thus all our incoming/outgoing email (the lack of external email is
usually our
> first indication of the problem).
>
> We found these error logs by using SBMNWSCMD to search through all the
> subdirectories on the firewall k: drive after a "Firewall logging has
ended"
> message to the Sysop hinted that the k: drive might be full. You
apparently
> can't get to these logs any other way, nor are they documented ANYWHERE
that
> I've found.
>
> If you want to see if you've got any of these error logs, use SBMNWSCMD
and
> enter the command
>    'dir k:\firewall\cache\proxy'
> -- look for files named htterr.xxxxxxxxx where the xx's represent the date
the
> file was generated.
>
> After extensive study, we think that the contents of the firewall cache
are
> being dumped to these error logs each night as our scheduled backups
begin. We
> don't shut down subsystems at this time because occasionally we have
people
> online from home at night. So, we're not sure what is causing this to
happen.
> There is no message in the history log to indicate a problem. Curiously,
we just
> installed a PTF to correct a problem with the performance monitor being
shut
> down when backups begin, but at least we've had error messages that
pointed to
> the PM problem.
>
> We installed V4R4 in December and installed all V4R4 firewall-related PTFs
soon
> after. When we discovered these logs for the first time in January, there
were
> daily versions existing back to mid-October. We have never changed the
firewall
> cache settings from the defaults, so we don't know what happened in
October. A
> search of current PTFs hasn't turned up anything so far.
>
> Our temporary solution is to delete these logs and turn off the firewall
cache
> (which apparently means setting the cache size to 0 -- although the
firewall
> documentation says that caching is available "if you want it", the default
is
> that caching is turned on, and there's no documentation on how to turn it
off).
>
> Has anyone else encountered this situation?
>
> Janet Elam Crowley
> IFA Systems
>
>
>
>
>
>
> +---
> | This is the Midrange System Mailing List!
> | To submit a new message, send your mail to MIDRANGE-L@midrange.com.
> | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
> | To unsubscribe from this list send email to
MIDRANGE-L-UNSUB@midrange.com.
> | Questions should be directed to the list owner/operator:
david@midrange.com
> +---

+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.