> Here the logfile generated by tcpdump on my firewall when I ... > > ftp 192.168.125.1 (from 192.168.124.1) > > 14:31:19.818595 IP 192.168.124.1.32790 > 192.168.125.1.ftp: S > 2452334504:2452334504(0) win 5840 <mss 1460,sackOK,timestamp > 10914109[|tcp]> SYN > 14:31:19.819085 IP 192.168.125.1.ftp > 192.168.124.1.32790: S > 2932060858:2932060858(0) ack 2452334505 win 5792 <mss > 1460,sackOK,timestamp 1164327[|tcp]> SYN-ACK > 14:31:19.819448 IP 192.168.124.1.32790 > 192.168.125.1.ftp: . ack 1 win > 5840 <nop,nop,timestamp 10914109 1164327> ACK > 14:31:29.830558 IP 192.168.125.1.ftp > 192.168.124.1.32790: P 1:66(65) > ack 1 win 5792 <nop,nop,timestamp 1165329 10914109> 10 second delay... either that FTP is sending packets elsewhere that aren't getting captured, or has some problem/configuration that keeps it from responding any faster than that. can you perform the tcpdump on the FTP server itself? > 14:31:29.830970 IP 192.168.124.1.32790 > 192.168.125.1.ftp: . ack 66 win > 5840 <nop,nop,timestamp 10924124 1165329> > > Furthermore, as you suggested it I added in my proftpd server > configuration > > UseReverseDNS off > > ... But this does not change anything. you *did* restart the daemon after that, right? ;-) -j
