Re: [LARTC] Stranger than IPTABLES?

Linux Advanced Routing and Traffic Control

Martin Devera wrote:
> 
> Wow. It is very interesting. Did you try to read the counters
> in iptables -vL and compare the counts? Like reading the value from
> /proc/net/dev, comparing it to the count of packets at the INPUT chain and
> then comparing with the number of packets in the DROP chains.
> It could give us a better picture of where the packets are going.
> 
> But it seems there is a problem with too many connections. The dropping
> may work, but remote sites will still try to resend the packets, and
> because you have a high number of connections there, SYNs and duplicates
> will go on for at least several minutes.

Yes, that's it. I do the same thing: I have an FTP server and when it's on
heavy load and I need some bandwidth, I start to "iptables -I INPUT -s
ip -j DROP", and the connections are still there for some time (minutes,
never looked), because the server thinks it's a network problem and
hopes that it will be restored.

In his case, it's a client, so the servers send him packets, don't get
ACKs, so they resend (for some time), after which they drop the connection.

You could try with -j REJECT; it's better, faster.

C

> 
> devik
> 
> >
> > and same ones for port 4661.
> > What is happening?
> > It looks like Linux is trying to drop these packets, but they are braking down VERY slowly. It seems like Linux is unable to handle that and there are still many packets out of iptables control.
> > Look at this:
> > Here you can see 'netstat -n' output written about half a minute after appending the iptables DROP rules:
> >
> > http://josh876.republika.pl/netstat-dropped.txt
> >
> > The modem's LED is blinking randomly from time to time and it is slowing. But MLDonkey is still reporting downloading.
> >
> > ..and this is after few minutes
> >
> > http://josh876.republika.pl/netstat-dropped-few-minutes.txt
> >
> > MLDonkey is generally not reporting downloading, but it is still happening that it will show download for a very short while.
> >
> 

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
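The counter comparison devik suggests (received packets on the modem interface versus packets matched by the INPUT chain's DROP rules), written out as a small POSIX shell script. This is an added example, not code from anyone in the thread; the interface name ppp0 and every counter value in the embedded samples are constructed assumptions.

```shell
#!/bin/sh
# Compare inbound packets on the modem interface with what INPUT's DROP
# rules caught. Use `iptables -vnxL INPUT` live so counters are not
# abbreviated (e.g. "301K"); the samples below are constructed.
IPT_SAMPLE='Chain INPUT (policy ACCEPT 120345 packets, 98765432 bytes)
 pkts bytes target     prot opt in     out     source               destination
 4521  301K DROP       all  --  ppp0   *       10.0.0.1             0.0.0.0/0
 1899  122K DROP       all  --  ppp0   *       10.0.0.2             0.0.0.0/0
  300   20K ACCEPT     tcp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22'

# Constructed /proc/net/dev; the interface name ppp0 is an assumption.
NETDEV_SAMPLE='Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
    lo:   12000     100    0    0    0     0          0         0    12000     100    0    0    0     0       0          0
  ppp0:99000000  130000    0    0    0     0          0         0 12345678   90000    0    0    0     0       0          0'

# Packets matched by DROP rules in the chain listing read from stdin.
dropped_pkts() {
    awk '$3 == "DROP" { s += $1 } END { print s + 0 }'
}

# Packets that matched no rule and fell through to the chain policy.
policy_pkts() {
    awk '/^Chain / { print $5; exit }'
}

# Received packet count for interface $1 from /proc/net/dev on stdin.
# The name can be glued to the byte count ("ppp0:99000000"), so split
# on the colon first rather than trusting whitespace-separated fields.
rx_pkts() {
    awk -F: -v ifc="$1" 'NF == 2 { name = $1; sub(/^ +/, "", name)
        if (name == ifc) { split($2, f, " "); print f[2]; exit } }'
}

# Share (percent) of packets received on $1 that DROP rules accounted
# for; $2 is /proc/net/dev text, $3 is the iptables chain listing.
drop_share() {
    rx=$(printf '%s\n' "$2" | rx_pkts "$1")
    drop=$(printf '%s\n' "$3" | dropped_pkts)
    awk -v r="$rx" -v d="$drop" 'BEGIN { printf "%.1f\n", d * 100 / r }'
}

# Live use: drop_share ppp0 "$(cat /proc/net/dev)" "$(iptables -vnxL INPUT)"
printf 'rx on ppp0: %s  policy: %s  DROP: %s  dropped share: %s%%\n' \
    "$(printf '%s\n' "$NETDEV_SAMPLE" | rx_pkts ppp0)" \
    "$(printf '%s\n' "$IPT_SAMPLE" | policy_pkts)" \
    "$(printf '%s\n' "$IPT_SAMPLE" | dropped_pkts)" \
    "$(drop_share ppp0 "$NETDEV_SAMPLE" "$IPT_SAMPLE")"
```

A low DROP share alongside a high policy count means most inbound packets are not matching the rules you added (wrong source addresses or rule order), whereas a high DROP share with the modem still busy is just the remote peers' retransmissions that devik describes.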
