Below are some suggestions to stop this warning message:
Reduce the amount of logging in the security policy.
ACCOUNTING logging is very heavy. Reducing logging from LONG to SHORT also helps.
Increase the internal memory allocated to the FW kernel module. The default amount of memory is 524K. To increase to 1Mbyte, add the statement below to /etc/system and reboot:
set fw:fwhmem=0x100000 |
Set the Excessive Log Grace Period to 0. This is set through Properties -> Logging and Alerting. You must then reinstall the security policy for the change to take affect. The drawback for setting the Excessive Log Grace Period to 0: Your log now includes similar packets received at approximately the same time. When it was not zero, they were hidden (see Managing FireWall-1 Using the OpenLook GUI, p. 104). Thus, no packet disappears from the log, so your log might be a little bit bigger, but apart from that, no problem.
Use Renice fwd for a higher priority. The default priority of the FW daemon is 0 (like most processes). To raise the priority you must give a negative priority, depending on the load on your system. See the man page on nice(1) for more information.