weird ipchains/promiscuous mode/Windows problem

[ Please Cc: me when replying, as I am not subscribed to the list. Thanks! ]

Weird problem here. We just upgraded a 2.0.38/ipfwadm firewall to a
2.2.16-22(RH 7.0)/ipchains firewall when all heck broke loose. The biggest
problem was that people stopped being able to send e-mail, though they could
still receive e-mail just fine, as well as browse the web. They also had
some problems with FTP (IE broke, Netscape worked, didn't check others). In
all cases, the problem was that the connection would simply hang and,
eventually, time out.

I made sure that the ipchains rules weren't affecting anything, to the point
of doing:

  ipchains -F input
  ipchains -F output
  ipchains -F forward
  ipchains -P input ACCEPT
  ipchains -P output ACCEPT
  ipchains -P forward REJECT
  ipchains -A forward -s 10.0.0.0/8 -j MASQ

(where 10.0.0.0/8 is the internal network.) Nothing. Hang. The SMTP server
was registering the connection; it even passed the HELO stage.

So I installed ngrep to attempt to sniff the line and see what was going on.
Lo and behold! I sniffed the line and SMTP was working again. I stopped the
sniffer and the problems returned. I even tried turning promiscuous mode on
with ``ifconfig eth1 promisc'' (and it showed up in the logs and ifconfig
output), but if I wasn't running the packet sniffer, it wasn't working.

All of the client machines are either Windows boxen (for the SMTP problems,
using OE or Eudora is equally unsuccessful) or Macs (for the FTP problems
only, using Fetch). None of the Linux clients are having a problem
(surprise?).

Has anyone ever seen *anything* like this?! I'm currently doing ``ngrep "*"
-d eth1 >& /dev/null'' just to keep the SMTP traffic flowing for these
clients, but this is NOT a solution. I'd appreciate any comments...

Thanks,

/pg
-- 
Peter Green : Gospel Communications Network, SysAdmin : pcg@gospelcom.net
---
"In short, at least give the penguin a fair viewing. If you still don't
like it, that's ok: that's why I'm boss. I simply know better than you
do."
(Linus "what, me arrogant?" Torvalds, on c.o.l.advocacy)

-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.kernel.org