Daniel D Jones wrote:
On Thursday 03 March 2005 03:43 pm, Alex Malinovich wrote:Well, I'd start with examining your iptables setup. The first thing that I'd look at if I started losing packets would be my iptables setup. Once you're sure that that's not the problem, then move on to other things.I'm familiar with but hardly an expert on iptables. I installed the "nat" package (which seems to have been replaced) and haven't manually modified the tables. I can't think of anything that could be wrong with them that would cause intermittent problems like I'm experiencing. If you're aware of something I'm missing, I'd love to hear it.
You should post your NAT rules (both SNAT & DNAT) plus your FORWARD chain so we examine your rules. You should also (once the problem occurs) grab about 2 or 3 minutes of traffic with Snort. This will give a packet level looking glass into what may be happening. Has your netfilter code changed (i.e. new kernel) or userspace tools (i.e. iptables)? Is it more than ICMP traffic that you lose? Old hardware? Could you're NIC be taking a nose dive? -Eric -- "Education is what remains after one has forgotten everything he learned in school." - Albert Einstein
Attachment:
signature.asc
Description: OpenPGP digital signature