On 1/27/2015 1:07 AM, Robin Helgelin wrote: > On Tue, Jan 27, 2015 at 12:12 AM, Tom Eastep <[email protected] > <mailto:[email protected]>> wrote: > > > Thanks. At the time of the dump: > > a) What, exactly, was slow? Connection from where to where on which > port(s)? > > > Outgoing traffic from 192.168.60.2 on the DNAT-ports, such as ssh, smtp, > imap, etc. > > > b) Is ho.m.e.ip in the 'net' zone? > > > Yes! Actually there are no more hosts in the loc zone except for the fw, > 192.168.60.1, and the secondary 192.168.60.2. >
The conntrack table looks very odd. Here's the last entry: tcp 6 372883 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993 dport=64604 packets=4 bytes=6000 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip sport=64604 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1 Although the connection was originally established by ho.m.e.ip connecting to pu.bl.ic.ip:993, the left side of the entry has the reverse. This indicates that the entry was created by *outgoing* traffic rather than incoming traffic. It appears that all of the DNAT connections from ho.m.e.ip share this property. This looks like an old box (it's running a 2.6 kernel and Shorewall 4.4.x) so I assume that this slowness is recent behavior? -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
