> > On 25 jan 2015, at 21:07, Tom Eastep <[email protected]> wrote: > > On 1/25/2015 10:33 AM, Robin Helgelin wrote: >> Hi, >> >> I’m investigating a setup with the returning data from a DNAT rule is going >> extremely slow. >> >> Example rule looks like this: >> DNAT net $DMZ_MAIL:22 tcp 9022 - >> pu.bl.ic.ip >> >> interfaces >> net eth0 detect tcpflags,nosmurfs >> loc eth1 detect routeback >> >> masq >> eth0 192.168.60.0/24 pu.bl.ic.ip >> >> params: >> DMZ_MAIL=loc:192.168.60.2 >> >> >> Using SCP copying files to the server gives as full speed as my internet >> permits. Receiving files throttles the traffic at around 2-3KB/s. > > Might we see the output of 'shorewall dump' collected as described at > http://www.shorewall.org/support.htm#guidelines?
Of course, sorry about that. I’ve masked out my home public ip and the server ip, broadcast and gateway, otherwise it’s all there. I see that there are a lot of unreplied connections to the imap server, and it’s on the imap service it get obvious that something is terribly slow. I also see that I’m running an unsupported version. Perhaps I should take time to upgrade? regards, Robin ------------------------------------------------------------------------------ Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
