Hi people - I beg for our forgiveness of the off topic post (well, everything here runs linux so its not totally off topic), but I got the darnest thing which I can't put my thumb on, still can't figure it out and I've ran out of ides.
I have a site, for the sake of the argument lets call it http://org.demons.co.il/forum. but its terribly terribly slow - page take several minutes(!!) to load. At first I thought it was it was network - checked the network monitor, and its not. Then I said its probably the rendering of the page - put counters on the PHP files and they all render in less then 1/10 of a second Then I said it's CPU load - but load rarely goes over 0.10 Then I tries to load the page with links (text web browser), and it flies ! Then I tried some other clients - all the standard graphical ones work the same (real slow). links and links-graphic are fast, as well as any command line HTTP downloader I tries. elinks and lynx are again extremely slow. Then I looked at the firewall logs, and whenever a client makes a request, this gets dumped in the logs, several times: Sep 17 20:31:13 gilgamesh kernel: Shorewall:newnotsyn:DROP:IN= OUT=eth0 SRC=199.203.54.121 DST=<client-ip> LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=64286 DF PROTO=TCP SPT=80 DPT=48834 WINDOW=6930 RES=0x00 ACK PSH URGP=0 newnotsyn is a log target for shorewall that drops everything, and packets get sent to it, in this case, after they arrive on the output chain, get caught by some rules based on interface matching, dropped down a few tables, and then pass -m state --state RELATED,ESTABLISHED -j ACCEPT w/o getting caught and then hit -p tcp -m state --state NEW -m tcp ! --tcp-flags SYN,RST,ACK SYN -j newnotsyn running tcpdump on the local machine I can see the request being pushed out and the ack on the request packet comming back and then nothing for a while, then the client sends FIN and the request again at which point the server sends some 10 or so packets for which the client answers with RST. then they both wait a while and go at the whole thing again. so I dropped down the firewall, and nothing changed. and here's the killer - on the same server I have several other websites, some of them with forums and all of them work great ! Please - can someone tell me what might be the problem ? -- Oded ::.. "Flattery is all right, if you don't inhale." -- Adalai E. Stevenson ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
