Re: iptables logging to syslog: performance problem

Guillaume Leccese wrote:
Patrick McHardy wrote:
On a 2.6.19.1 kernel box (nfct patch from Julian
http://www.ssi.bg/~ja/nfct/) we have a strange performance problem.

When a scan occurs on a /24 network handled by the firewall (on a filtered port), packet dropping produces syslog output. During the logging process, the traffic is in a frozen state (2 seconds to 30 seconds, depending on the number of ports scanned).

[...]
When output to syslog is not effective, there is no performance decrease.

More details about the configuration:

- Linux 2.6.19.1, module activate, iptables not in module
- e1000, tygon 3 and sundance drivers in module
- bonding device in module
- 2x e1000, driver v7.6.9 stable, in bonding
- Keepalived 1.1.12-1, Debian apt version

Are you using serial console?


Hi Patrick,

Are you asking me if the serial console is compiled into the kernel or if I'm using a serial console for remote control?

Whether you use serial console for logging.


1/ yes, see the .config in attachment

2/ no, we use ssh

In case you're not using the serial console for logging, can you
reproduce it without Julian's patches?