Recent comments here and elsewhere concerning degenerating network performance led me to take a closer look at my own system, and I discovered that the numerous attempts by other systems to connect on my ISP's network were not being blocked by my firewall, and were therefore reaching my system. I do not think these numerous connect and IP requests were doing direct harm to my system, but packets were getting here that had no business getting here. I added some rules to my firewall, and if my system's performance today (Monday) can be used as an example, my network stability and responsiveness have improved noticeably. Note that I thought I had rules at the end of my firewall script which I believed should have caught everything that had not been previously defined, but the source address 0.0.0.0 seems to have been slipping through anyway. Here are the rules which are now logging and dropping these requests. Note that if you have a similar amount of this kind of traffic on your network, logging all of these events can rack up considerable disk space usage--use these rules with care, and at your own risk. Note also that if your system is supposed to be providing bootps services, you may not want to add these rules to your system. iptables --append INPUT -i eth0 -s 0.0.0.0 -j LOG --log-prefix "REMOTE LOCALHOST DROP " iptables --append INPUT -i eth0 -s 0.0.0.0 -j DROP I hope this stuff proves useful, and have a _great_ day. -- Ralph. N6BNO. Wisdom comes from central processing, not from I/O. rreid at sunset.net http://personalweb.sunset.net/~rreid Opinions herein are either mine or they are flame bait. CIRCLE AREA = _pi * r ^ 2
