Re: [Shorewall-users] unusual case of an SMTP connection failing

Tue, 14 Aug 2007 12:09:42 -0700 

Andrew Suffield wrote:
> On Tue, Aug 14, 2007 at 11:16:44AM -0700, Tom Eastep wrote:
>>> Shouldn't SYN_RECV appear on both? (I did notice that
>>> shorewall dump took *a lot* more time to complete on
>>> the bridge so maybe the conntrack entry got removed?)
>>>
>> Might be -- does your bridge have an enormous log? If so, /sbin/shorewall
>> can take a long time wading through the entire log so it can print the last
>> 20 'Shorewall' messages.
> 
> That seems correctable. Pass the log through tac, use head instead of
> tail, and pass the output of head through tac again.

With the current implementation:

gateway:~/test # time shorewall show log > /dev/null

real    0m0.783s
user    0m0.904s
sys     0m0.132s
gateway:~/test # time shorewall show log > /dev/null

real    0m0.776s
user    0m1.000s
sys     0m0.068s
gateway:~/test # time shorewall show log > /dev/null

real    0m0.786s
user    0m0.888s
sys     0m0.112s
gateway:~/test # time shorewall show log > /dev/null

real    0m0.770s
user    0m0.888s
sys     0m0.068s
gateway:~/test # time shorewall show log > /dev/null

real    0m0.182s
user    0m0.104s
sys     0m0.060s
gateway:~/test #

With Andrew's proposed change:

gateway:~/test # time shorewall show log > /dev/null

real    0m0.188s
user    0m0.156s
sys     0m0.052s
gateway:~/test # time shorewall show log > /dev/null

real    0m0.187s
user    0m0.132s
sys     0m0.060s
gateway:~/test # time shorewall show log > /dev/null

real    0m0.182s
user    0m0.088s
sys     0m0.076s
gateway:~/test # time shorewall show log > /dev/null

real    0m0.195s
user    0m0.136s
sys     0m0.068s
gateway:~/test #

Log file was ~2MB and contained nothing but Shorewall messages.

Thanks, Andrew.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

Attachment: signature.asc
Description: OpenPGP digital signature

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >>  http://get.splunk.com/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to