RE: Stateful problem when using IMAP. Need a Guru.
Ok I know it's not Router2 because IMAP is slow to other mail servers
from pc's behind Router1 with fw-up enabled also. I tried removing the
DROP rules one by one and it will only work when they are ALL set to
ACCEPT. I can't see how it's dns because the problem only happens when I
turn on fw-up on Router1 or I am not behind any firewall at all and I
connect to the IMAP server everything is fine.
-----Original Message-----
From: Jason McCarty [mailto:bclg@iup.edu]
Sent: Tuesday, December 31, 2002 4:55 PM
To: debian-firewall@lists.debian.org
Subject: Re: Stateful problem when using IMAP. Need a Guru.
Ryan wrote:
> When I enable stateful filtering (sh fw-up) on Router1 IMAP
connections
> to my mail server behind Router2 are painfully slow druing the initial
> connection. If I disable sateful filtering (sh fw-dn) on Router1 IMAP
> connections have no issues.
This sounds like a reverse DNS problem to me. Make sure you can resolve
addresses correctly from the imap servers.
>
> I have a feeling the problem is in the way I have stateful filtering
> enabled on Router2 but I'm too much of a n00b to figure it out.
Maybe you should add a logging rule to each chain temporarily, so you
can see if packets are being dropped improperly just by reaching the end
of the chain. If that doesn't identify the problem, I'd try removing all
the DROP rules one by one to see which one is doing it.
HTH,
Jason McCarty
--
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Reply to: