Andy
2002-Jan-05 15:06 UTC
[Shorewall-users] Started to use shorewall 1.2.1 - Email pickup is now s-l-o-w
Hi All, I had had a go at getting shorewall running on my system (RH 7.1, kern 2.4.16), and have looked at the faq and documentation etc. But I cant seem to find out what Ive done wrong here. I used to use an iptables script (monmothas) and now want to move to shorewall... My sytem set is firewall machine connected to the internet via adsl on ppp0, local network on eth0 (10.1.0.0/8) I have used the latest sample files - two-interfaces setup, and changed the local ip address to represent my network. The problem I have so far, is that now when using outlook on the local network, it takes about 1 minute to connect to the pop3 server for my email...if i clean the iptables out, stop shorewall, and load my old monmotha script..im back to whoosh pickup. But, I can use the web browser from the local network with no problems.. Probably being dumb, I know..but can anyone help ? Thanks for any help I havn''t posted my configs here, dont want to spam the list :) Rgds Andy
Tom Eastep
2002-Jan-05 15:28 UTC
[Shorewall-users] Started to use shorewall 1.2.1 - Email pickup is now s-l-o-w
On Saturday 05 January 2002 07:06 am, Andy wrote:> Hi All, > I had had a go at getting shorewall running on my system (RH 7.1, kern > 2.4.16), and have looked at the faq and documentation etc. But I cant seem > to find out what Ive done wrong here. > > I used to use an iptables script (monmothas) and now want to move to > shorewall... > > My sytem set is firewall machine connected to the internet via adsl on > ppp0, local network on eth0 (10.1.0.0/8) > > I have used the latest sample files - two-interfaces setup, and changed > the local ip address to represent my network. > > The problem I have so far, is that now when using outlook on the local > network, it takes about 1 minute to connect to the pop3 server for my > email...if i clean the iptables out, stop shorewall, and load my old > monmotha script..im back to whoosh pickup. > > But, I can use the web browser from the local network with no problems.. > > Probably being dumb, I know..but can anyone help ?Try adding the following entry to the bottom of /etc/shorewall/rules and let=20 us know if it helps: REJECT=09net=09fw=09tcp=09auth -Tom --=20 Tom Eastep \ teastep@shorewall.net AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ Firewalls for Linux 2.4
Andy
2002-Jan-05 16:55 UTC
[Shorewall-users] Started to use shorewall 1.2.1 - Email pickup is now s-l-o-w
Hi Tom, Thanks for the reply, yup - that sorted it out, email now back to normal speed. Thanks. Rgds Andy ----- Original Message ----- From: "Tom Eastep" <teastep@shorewall.net> To: "Andy" <snurt@snurtsworld.co.uk>; <shorewall-users@shorewall.net> Sent: Saturday, January 05, 2002 3:28 PM Subject: Re: [Shorewall-users] Started to use shorewall 1.2.1 - Email pickup is now s-l-o-w On Saturday 05 January 2002 07:06 am, Andy wrote:> Hi All, > I had had a go at getting shorewall running on my system (RH 7.1, kern > 2.4.16), and have looked at the faq and documentation etc. But I cant seem > to find out what Ive done wrong here. > > I used to use an iptables script (monmothas) and now want to move to > shorewall... > > My sytem set is firewall machine connected to the internet via adsl on > ppp0, local network on eth0 (10.1.0.0/8) > > I have used the latest sample files - two-interfaces setup, and changed > the local ip address to represent my network. > > The problem I have so far, is that now when using outlook on the local > network, it takes about 1 minute to connect to the pop3 server for my > email...if i clean the iptables out, stop shorewall, and load my old > monmotha script..im back to whoosh pickup. > > But, I can use the web browser from the local network with no problems.. > > Probably being dumb, I know..but can anyone help ?Try adding the following entry to the bottom of /etc/shorewall/rules and let us know if it helps: REJECT net fw tcp auth -Tom -- Tom Eastep \ teastep@shorewall.net AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ Firewalls for Linux 2.4 _______________________________________________ Shorewall-users mailing list Shorewall-users@shorewall.net http://www.shorewall.net/mailman/listinfo/shorewall-users
Tom Eastep
2002-Jan-05 17:33 UTC
[Shorewall-users] Started to use shorewall 1.2.1 - Email pickup is now s-l-o-w
Andy, On Saturday 05 January 2002 08:55 am, Andy wrote:> Hi Tom, > > Thanks for the reply, yup - that sorted it out, email now back to normal > speed. >Ok, good. I''ll add that rule to the sample rules files for the next release.=20 It works around poorly-configured POP3 server setups.=20 -Tom --=20 Tom Eastep \ teastep@shorewall.net AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ Firewalls for Linux 2.4