Action
Below are some suggestions to stop this warning message:
-
Reduce the amount of logging in the security policy.
Note -ACCOUNTING logging is very heavy. Reducing logging from LONG to SHORT also helps.
-
Increase the internal memory allocated to the FW kernel module. The default amount of memory is 524K. To increase to 1Mbyte, add the statement below to /etc/system and reboot:
set fw:fwhmem=0x100000
-
Set the Excessive Log Grace Period to 0. This is set through Properties -> Logging and Alerting. You must then reinstall the security policy for the change to take affect. The drawback for setting the Excessive Log Grace Period to 0: Your log now includes similar packets received at approximately the same time. When it was not zero, they were hidden (see Managing FireWall-1 Using the OpenLook GUI, p. 104). Thus, no packet disappears from the log, so your log might be a little bit bigger, but apart from that, no problem.
-
Use Renice fwd for a higher priority. The default priority of the FW daemon is 0 (like most processes). To raise the priority you must give a negative priority, depending on the load on your system. See the man page on nice(1) for more information.
- © 2010, Oracle Corporation and/or its affiliates