Hi again, thanks for all the mails and suggestions I got and please excuse me replying so late. I have been very busy up to now :-( On Fri, 8 Sep 2000, Steffen Dettmer wrote:
Are you sure the delays are caused by firewall rules?! I do not think the problem is the kernel firewall code and I do not even know how the firewall rules could do that. Well, I already reinstalled our old masquerading-/firewalling-script - it works again... (which makes me guess it was not a DNS problem, we have no other DNS problems)
2. listed the firewall rules very slowly (seemed to hang after "rcfirewall status")
Did you used "-n", i.e. "ipchains -nL"? No, rcfirewall does not prevent ipchains from resolving names and I did not try -n then. Anyway, the real problem was not that the firewall status was not reported properly but that the kernel did not let programs connect or did not transfer packages.
Anyway, thanks for all suggestions! Dennis