Mailinglist Archive: opensuse-security (636 mails)

< Previous Next >
Re: [suse-security] SuSEFirewall slows down connection
  • From: Nix <suse@xxxxxxxxxxxxxxx>
  • Date: Thu, 01 Feb 2001 11:53:08 +1100
  • Message-id: <5.0.1.4.0.20010201115137.03806748@xxxxxxxxxxxxxxxxxxxx>
The easy way is actually to ALLOW requests to that port but not run
IDENT :-) That will give you a nice quick connection.

(Yes, I will add this to the FAQ as soon as I get a chance. If anyone wants to
write that section up for me..... HINT HIINT)

-Nix

At 02:19 AM 1/02/2001, you wrote:
On Wed, Jan 31, 2001 at 03:03:57PM +0100, Christian Bohn wrote:
> The Problem:
> HTTP & SSH are working well but when I try to connect to a Internet-Server
> via FTP, POP(sometimes) or SMTP it takes a long time (ca. 20sec) until data
> is transferred although the connection itself is established immediately.
> I do not think that it is a DNS problem, reverse&forward lookups are working
> well.

I'm pretty sure you are DENYing ident requests (TCP/113). Many
servers try to get the initiating user for the connection, and
DENYing those requests causes a time-out. You should REJECT them
instead.

HTH
Martin

--
Disclaimer

This email is subject to copyright and is intended only for the person(s)
named. You may not disclose the contents of this email to other person(s)
or take copies of it without the permission of the author.

PGP/GPG encrypted mail preferred, my public-key is availabe at
http://empyreum.de/pgp-keys/MH.asc - ID: 1FEA0DF4 - the fingerprint is
3A8B 6A9A 3353 8CE7 9C95 31C8 0277 FA58 1FEA 0DF4

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
For additional commands, e-mail: suse-security-help@xxxxxxxx

---
Nix - nix@xxxxxxxxxxxxxxxx
http://www.susesecurity.com


< Previous Next >
This Thread
  • No further messages