The easy way is actually to ALLOW requests to that port but not run IDENT :-) That will give you a nice quick connection. (Yes, I will add this to the FAQ as soon as I get a chance. If anyone wants to write that section up for me..... HINT HIINT) -Nix At 02:19 AM 1/02/2001, you wrote:
On Wed, Jan 31, 2001 at 03:03:57PM +0100, Christian Bohn wrote:
The Problem: HTTP & SSH are working well but when I try to connect to a Internet-Server via FTP, POP(sometimes) or SMTP it takes a long time (ca. 20sec) until data is transferred although the connection itself is established immediately. I do not think that it is a DNS problem, reverse&forward lookups are working well.
I'm pretty sure you are DENYing ident requests (TCP/113). Many servers try to get the initiating user for the connection, and DENYing those requests causes a time-out. You should REJECT them instead.
HTH Martin
-- Disclaimer
This email is subject to copyright and is intended only for the person(s) named. You may not disclose the contents of this email to other person(s) or take copies of it without the permission of the author.
PGP/GPG encrypted mail preferred, my public-key is availabe at http://empyreum.de/pgp-keys/MH.asc - ID: 1FEA0DF4 - the fingerprint is 3A8B 6A9A 3353 8CE7 9C95 31C8 0277 FA58 1FEA 0DF4
To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
--- Nix - nix@susesecurity.com http://www.susesecurity.com