zephura schreef op 24-02-2017 8:15: > Maybe I don't get the point, but > For bad reasons, I've already have the same ssh connection during 3 > days... > Ok that was through a vpn tunnel, but even I should allow ssh > connection in vuurmuur ...
I just don't know what is causing it. Maybe it is a mechanic that packets get blocked because they end up in a wrong state in the firewall. There is also LXC container that has a bridge with an IP on the same interface (device) and the Linux kernel sometimes does weird stuff when you use a bridge in the wrong way. So I have to find out what's causing it but for that I first have to turn Vuurmuur off and see if I can reproduce the issue. The connection is not even over VPN. "tar -xvzf" or similar (the -v) is a very dangerous thing right now ;-). The tar process will hang if it cannot output all the data, the lines of text. Basically there is two things I can test: - bring down the LXC bridge - bring down Vuurmuur Either which could produce the solution but troubleshooting IPtable rules is not something you do in your spare time... while eating a pizza, so to say. I have now a script running on a relatively fresh connection (ssh) that will output "journalctl | cat" to the console every 6 seconds ;-) and records the date for it in a file. Once the connection clogs up, I will see the latest date. It is now 08:56 when I started it. Nothing happened thus far. It is on older connections that "tar -v" becomes very dangerous. It happens on both the host and the LXC container (that is accessed through the host). At first I thought it was jut the LXC container, but it is both. Thank you for your time :p. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Vuurmuur-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/vuurmuur-users
