On 04-Apr-08, at 1:18 PM, Simon Hobson wrote: > Kenneth Gonsalves wrote: > >> lately I have been having problems with a new leased line and router >> - It performs fine for some time (several days) or a few hours. Then >> suddenly I am unable to ping the gateway. After some time it reverts >> to normal - regardless of whether the router is rebooted or not. On >> one occcasion the router configuration had also got wiped out. Before >> investigating further I would like to know if there is a possibility >> that a badly configured firewall could cause this problem. If there >> is such a possiblity, I will post the complete configuration and >> dump. > > Nothing is impossible, but as Tom has told people so many times, > Shorewall isn't 'running' (it just configures stuff and quits). > > I would be VERY surprised if the firewall config itself was causing > problems, and even more surprised if it could wipe your config.
this is the problem we face with most ISPs. The moment they see a linux machine they blame all failures on linux, pull out their windows laptop and say: 'see it works perfectly'. But when I connect to a 150 machine LAN the link collapses. The line in question is a 2 Mbps leased line with a huawei router. When installed it ran perfectly for 36 hours giving the full 2 Mbps (measured using iftop) and then failed. The firewall server had 2GB RAM. Then, to prove their point they set up NAT on the router and connected it directly to the LAN and it has been working perfectly since then. However speeds have dropped dramatically - possibly due to lack of proxy cache. Anyway, the setup was Mandriva2007 with and old version of shorewall. I am now setting up a more uptodate box and will investigate further. > > I'd be more inclined to think along the lines of perhaps, limited > resources, flood of <something> from internet, system unable to cope. > For example, I had to replace my ADSL model as the old one couldn't > cope with the ARP table when running BitTorrents - and I also had to > tune my network tables (maxed them out) for the Linux networking for > the same reason. Even then I can't see how that would alter your > config unless you've managed to cause filesystem corruption. > > Perhaps if you posted some key details about your setup - what sort > of hardware (eg there's a bit difference between a router appliance > with 64M RAM and a bit of flash, and a PC with a GByte of RAM and > hard disk). I will try out my new setup - and if the problem recurs will post full details > -- regards Kenneth Gonsalves Associate, NRC-FOSS [EMAIL PROTECTED] http://nrcfosshelpline.in/code/ ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
