On 26/05/07, Andrew Suffield <[EMAIL PROTECTED]> wrote:
tcpdump -w just saves the traffic to a file. Saving the wireshark capture does exactly the same thing, it's just easier to install tcpdump; either way will work fine. Posting the captures so we can look at it is probably the only thing left to do at this point, given how bizarre this problem is. Remember - it's important to get a capture of the *same* session from all the interesting points (at least the server, client, and both interfaces of the firewall).
OK, I'll need a bit of time to do this...
We'll also need the output of 'shorewall dump' (I don't think you posted that yet). Follow #3 on http://shorewall.net/support.htm
But this bit I have just done. I restarted shorewall with rate limiting in the ssh rule, on the server, and on my local machine tried to scp a file from the server to local machine, which stalled. While it was stalled (i.e. I didn't ctrl-c out) i did a dump, the result of which is attached. I'll work on getting useful tcpdump/wireshark output from the server. J.
status.txt.bz2
Description: BZip2 compressed data
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
