Re: [SLE] Again: tcpd(?) trouble
george steward wrote:
I think you should seriously consider completely undoing your firewalling and rebuilding it from scratch.
I completely shu down the firewalling (ipfwadm (SuSE 6.0), the delys are the same down to the millisecond.
Firewalling (and its examination of packets) often causes these delays. It might just be some corruption in the files or, more likely, conflict within your firewalling options arising from growth in your network and TCP/IP addresses. I've also noticed that. At home, where I use 6.2 with ipchains, the delays are 1 or 2 msecs longer than without.
It sounds (to me) like firewalling, mainly because of the delay also experienced with sendmail. Again: firewalling of or on, it really makes no difference...
Other possibilities include network conflicts being caused by some clients not using correct TCP/IP Class A, B or C addresses.
That could be the problem, since there are about 40/50 hosts connected to the same network, inclusing w....w.....win.... you-know-what-I-mean-computers.
Less importantly, are you sure your '/etc/hosts', '/etc/hosts.allow' and 'etc/hosts.deny' are correctly configured without conflicts?
hosts.* are not configured at all, the /etc/hosts contains only my primary hostname and localhost.
SuSE also allows you to set your security to 'paranoid' in 'etc/rc.config' which can slow things down (although not by as much as this!). If you have firewalling as well, you may want to consider whether this is not over-kill.
I *have* set it to paranoid. I'll try setting it to a less overkill-situation, since users cannot telnet at all (/bin/false-shell).
HTH.
eeehh.. HTH? Hope That Helped? Thanks for your reply, I'll try i out! Greetings, Rogier
Rogier Maas wrote:
Hi,
-cut-
This is my main problem:
Whenever I try to: telnet, pop3 or any other service that runs through inetd/tcpd, it sits and waits for up to ten seconds before returning a login prompt, gets my mail or whatever.
-cut-
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
participants (1)
-
icarus@guldennet.nl