Stopping firewall2 takes long time
When I stop SuSEfirewall2 (this happens when the pc is shut down) it takes a very long time, about 15 minutes to finish. Does anyone knows what can be the problem? I have SuSEfirewall2, iptables v1.2.4 and a cable modem connection. David
Hi,
When I stop SuSEfirewall2 (this happens when the pc is shut down) it takes a very long time, about 15 minutes to finish.
Does anyone knows what can be the problem?
I have SuSEfirewall2, iptables v1.2.4 and a cable modem connection.
Sounds like a DNS problem. Based on the above scenario and assuming start-up does not have this problem:- 1) Have you used FQDNs in the config? If you have, I'm guessing your ISP link has gone down and iptables is busy trying to resolve the names but has no DNS server to respond. If this occurs on startup as well:- 2) Look for an error in the config which results in the lookup of a non-existent name. HTH John
* John Trickey wrote on Sun, Nov 18, 2001 at 20:46 -0000:
I have SuSEfirewall2, iptables v1.2.4 and a cable modem connection.
Sounds like a DNS problem. Based on the above scenario and assuming start-up does not have this problem:-
1) Have you used FQDNs in the config? If you have, I'm guessing your ISP link has gone down and iptables is busy trying to resolve the names but has no DNS server to respond.
Well, I would guess that firewall gets stopped after networking. But why should stop need DNS names? Is stop doing anything meaningful (many flushing all rules or so)? oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.
Start up is ok. I don't use dns names, but if I look at the output of iptables -L, I see dns names over there: - the dns name of my ISP DNS servers - my dns name, given to me temporary by my ISP - the name I gave to my pc When I just issue SuSEfirewall2 stop, this also takes a long time, meanwhile I can still do dns lookups without any problem even when the firewall has stopped. John Trickey wrote:
Hi,
When I stop SuSEfirewall2 (this happens when the pc is shut down) it takes a very long time, about 15 minutes to finish.
Does anyone knows what can be the problem?
I have SuSEfirewall2, iptables v1.2.4 and a cable modem connection.
Sounds like a DNS problem. Based on the above scenario and assuming start-up does not have this problem:-
1) Have you used FQDNs in the config? If you have, I'm guessing your ISP link has gone down and iptables is busy trying to resolve the names but has no DNS server to respond.
If this occurs on startup as well:-
2) Look for an error in the config which results in the lookup of a non-existent name.
HTH John
-- David D'Hauwe Lange Boomgaardstraat 86 B-9000 Gent David.DHauwe@advalvas.be +32(0)497/58.95.80
participants (3)
-
David D'Hauwe -
John Trickey -
Steffen Dettmer