version: 2.02f
redhat linux: latest version

Dear Shorewall,

I love your product and am a Windows programmer. I got into Linux just to run Shorewall and protect my network.

I have 2 questions and would really appreciate any help you can offer.

#1) My firewall seems to limit traffic to 225 kb/s. Is this normal (running an old AMD K2 chip and 2 100 NICs)? I should have 900 kb/s and have had my DSL line checked to make sure it's not faulty.

#2) I've never truncated my logs and when I do a showlog I know there must be a million messages logged in there by now. Does this slow down the firewall? What's the "professional" way to delete/manage old Shorewall log messages?

I read the documentation and FAQ's and didn't see this anywhere.

I appreciate any help you can offer.

Thanks for an awesome network protecting system!

Joseph Arechiga
User of Shorewall for 10 months and loving it!

Hi

1) Unless you've set up traffic shaping/QoS (which I doubt for obvious reasons :) then this should not happen. AMD K2 300 should handle more than 10Mbit traffic just fine. What CPU usage do you see when you download?

2) This is not directly related to Shorewall. Shorewall logs into the kernel (kernel -> syslog); most distributions use logrotate to rotate and compress the logs away - see /etc/logrotate*

Jan

Joseph Arechiga wrote:
> version: 2.02f
> redhat linux: latest version
>
> Dear Shorewall,
>
> I love your product and am a windows programmer. I got
> into Linux just to run shorewall and protect my
> network.
>
> I have 2 questions and would really appreciate any
> help you can offer.
>
> #1) My firewall seems to limit traffic to 225 kb/s. Is
> this normal (running an old AMD K2 chip and 2 100
> nics). I should have 900 kb/s and have had my DSL line
> checked to make sure it's not faulty.
>
> #2) I've never truncated my logs and when I do a
> showlog I know there must be a million messages logged
> in there by now. Does this slow down the firewall?
> What's the "professional" way to delete/manage old
> shorewall log messages.
>
> I read the documentation and FAQ's and didn't see this
> anywhere.
>
> I appreciate any help you can offer.
>
> Thanks for an awesome network protecting system!
>
> Joseph Arechiga
> User of Shorewall for 10 months and loving it!

Jan Schermer wrote:
> Hi
>
> 1) unless you've setup traffic shaping/qos (which i doubt for obvious
> reasons :) then this should not happen.
>

Other things to look for:

a) Excessive error rate on either of your interfaces (use 'ip -s link ls').

b) Large blacklist and BLACKLISTNEWONLY=No.

-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
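
An added example, not part of the original thread: one way to carry out check (a) above is to parse the output of 'ip -s link ls' and flag any interface whose error, drop or collision counters are high relative to its packet count. The sample output, the function names and the 0.1% threshold are assumptions made for illustration.

```python
import re

# Constructed sample of `ip -s link ls` output (not taken from the thread).
SAMPLE = """\
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:00:5e:00:53:01 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    91823311   200000   4100    12      0       0
    TX: bytes  packets  errors  dropped carrier collsns
    30211876   150000   0       0       0       3000
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:00:5e:00:53:02 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    30500112   151000   0       0       0       0
    TX: bytes  packets  errors  dropped carrier collsns
    92000451   201000   0       0       0       0
"""

IFACE_RE = re.compile(r"^\d+:\s+([^:@\s]+)")  # "2: eth0:" or "4: eth0.10@eth0:"

def parse_ip_s_link(text):
    """Return {iface: {"rx_errors": n, ...}}; each RX:/TX: header row names the row below."""
    stats, iface, lines = {}, None, text.splitlines()
    for i, line in enumerate(lines):
        match = IFACE_RE.match(line)
        if match:
            iface = match.group(1)
            stats[iface] = {}
        tokens = line.split()
        if iface and tokens and tokens[0] in ("RX:", "TX:") and i + 1 < len(lines):
            prefix = tokens[0][:-1].lower()
            for name, value in zip(tokens[1:], lines[i + 1].split()):
                if value.isdigit():
                    stats[iface][f"{prefix}_{name}"] = int(value)
    return stats

def suspect_interfaces(stats, threshold=0.001):
    """Flag counters whose ratio to packets exceeds threshold (0.1% is an assumed cut-off)."""
    flagged = {}
    for iface, counters in stats.items():
        for key, value in counters.items():
            prefix, name = key.split("_", 1)
            packets = counters.get(f"{prefix}_packets", 0)
            if name not in ("bytes", "packets", "mcast") and packets and value / packets > threshold:
                flagged.setdefault(iface, {})[key] = value / packets
    return flagged

if __name__ == "__main__":
    print(suspect_interfaces(parse_ip_s_link(SAMPLE)))
```

On a live firewall, pass the captured output of 'ip -s link ls' to parse_ip_s_link() in place of SAMPLE. The counters are cumulative since the interface came up, so compare two runs taken during a download to see the current rate.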