[ previous ] [ next ] [ threads ]
 
 From:  Jason King <jking at informs dot com>
 To:  Leigh Finch <leigh at leighfinch dot net>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Extreemely slow performance on a net4801
 Date:  Thu, 29 Sep 2005 06:38:01 -0500
Does your performance improve when using a m0n0wall installed on a PC
with a few NIC's in it? Does it improve when you have just a router
instead of a firewall? I notice that sis0 is autosensing a 10baseT
connection while the sis1 is autosensing a 100baseTX connection. There
is a bottleneck right there...I don't see how that could affect your
performance that much though. Try some different hardware and try not
using a firewall at all. It could be your ISP or the 4801. I'm using a
4501 and it works great. The 4501 has a throughput of about 16Mbits/s
and I think the 4801 SHOULD have a throughput of 50Mbits/s. Let us know.

Jason

Leigh Finch wrote:

>Hi all,
>
>I'm new to this software, so please forgive me if I'm doing something
>really stupid.
>
>I have set up m0n0wall 1.2b10, I know this is beta, but I have the same
>problem with the 1.11. I can connect to http servers at a slow but usable
>rate, but anything more than that (such as imap, pop3, voip), the
>connection seems to stall forever.
>
>Is anyone able to give me some advice?
>
>I have appended a copy of my status.php
>
>Best Regards
>Leigh Finch
>
>m0n0wall: status
>Thu Sep 29 06:59:44 UTC 2005
>
>System uptime
>
> 6:59AM  up 29 mins, 0 users, load averages: 0.00, 0.00, 0.00
>
>Interfaces
>
>sis0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>	options=40<POLLING>
>	inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
>	ether 00:00:24:c3:ed:a8
>	media: Ethernet autoselect (10baseT/UTP)
>	status: active
>sis1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>	options=40<POLLING>
>	ether 00:00:24:c3:ed:a9
>	media: Ethernet autoselect (100baseTX <full-duplex>)
>	status: active
>sis2: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
>	options=40<POLLING>
>	ether 00:00:24:c3:ed:aa
>	media: Ethernet autoselect (none)
>	status: no carrier
>lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
>	inet 127.0.0.1 netmask 0xff000000
>ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1492
>	inet 202.87.30.12 --> 202.93.160.4 netmask 0xffffffff
>
>Routing tables
>
>Routing tables
>
>Internet:
>Destination        Gateway            Flags    Refs      Use  Netif Expire
>default            202.93.160.4       UGSc        4     1294    ng0
>127.0.0.1          127.0.0.1          UH          1       80    lo0
>192.168.1          link#1             UC          2        0   sis0
>192.168.1.198      00:12:f0:84:8d:2c  UHLW        3      238   sis0    820
>192.168.1.199      00:11:95:c3:78:9d  UHLW        1      499   sis0   1132
>202.87.30.12       lo0                UHS         0        0    lo0
>202.93.160.4       202.87.30.12       UH          4        0    ng0
>
>ipfw show
>
>ipfw: getsockopt(IP_FW_GET): Protocol not available
>
>ipnat -lv
>
>List of active MAP/Redirect filters:
>map ng0 192.168.1.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
>map ng0 192.168.1.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
>map ng0 192.168.1.0/24 -> 0.0.0.0/32
>
>List of active sessions:
>MAP 192.168.1.198   3649  <- -> 202.87.30.12    51041 [64.233.187.99 80]
>	age 17993 use 0 sumd 0xdf15/0xdf15 pr 6 bkt 421/1649 flags 1 drop 0/0
>	ifp ng0 bytes 4826 pkts 11
>MAP 192.168.1.198   3648  <- -> 202.87.30.12    51040 [80.238.135.125 80]
>	age 17991 use 0 sumd 0xdf15/0xdf15 pr 6 bkt 1168/349 flags 1 drop 0/0
>	ifp ng0 bytes 5432 pkts 15
>MAP 192.168.1.198   3647  <- -> 202.87.30.12    51039 [202.61.12.230 53]
>	age 1164 use 0 sumd 0xdf15/0xdf15 pr 17 bkt 841/22 flags 2 drop 0/0
>	ifp ng0 bytes 240 pkts 2
>
>List of active host mappings:
>192.168.1.101 -> 0.0.0.0 (use = 1 hv = 649)
>192.168.1.101 -> 0.0.0.0 (use = 1 hv = 649)
>192.168.1.198 -> 0.0.0.0 (use = 32 hv = 1037)
>192.168.1.199 -> 0.0.0.0 (use = 2 hv = 1041)
>
>ipfstat -v
>
>opts 0x40 name /dev/ipl
> IPv6 packets:		in 0 out 0
> input packets:		blocked 854 passed 3020 nomatch 0 counted 0 short 0
>output packets:		blocked 0 passed 3028 nomatch 0 counted 0 short 0
> input packets logged:	blocked 854 passed 86
>output packets logged:	blocked 0 passed 0
> packets logged:	input 0 output 0
> log failures:		input 0 output 0
>fragment state(in):	kept 0	lost 0	not fragmented 0
>fragment state(out):	kept 0	lost 0	not fragmented 0
>packet state(in):	kept 161	lost 0
>packet state(out):	kept 6	lost 0
>ICMP replies:	0	TCP RSTs sent:	0
>Invalid source(in):	0
>Result cache hits(in):	806	(out):	0
>IN Pullups succeeded:	0	failed:	0
>OUT Pullups succeeded:	0	failed:	0
>Fastroute successes:	0	failures:	0
>TCP cksum fails(in):	0	(out):	0
>Packet log flags set: (0)
>	none
>
>ipfstat -nio
>
>@1 pass out quick on lo0 from any to any
>@2 pass out quick on sis0 proto udp from 192.168.1.1/32 port = 67 to any
>port = 68
>@3 pass out quick on ng0 proto udp from any port = 68 to any port = 67
>@4 pass out quick on sis0 from any to any keep state
>@5 pass out quick on ng0 from any to any keep state
>@6 block out log quick from any to any
>@1 pass in quick on lo0 from any to any
>@2 block in log quick from any to any with short
>@3 block in log quick from any to any with ipopt
>@4 pass in quick on sis0 proto udp from any port = 68 to
>255.255.255.255/32 port = 67
>@5 pass in quick on sis0 proto udp from any port = 68 to 192.168.1.1/32
>port = 67
>@6 block in log quick on ng0 from 192.168.1.0/24 to any
>@7 block in log quick on ng0 proto udp from any port = 67 to
>192.168.1.0/24 port = 68
>@8 pass in quick on ng0 proto udp from any port = 67 to any port = 68
>@9 block in log quick on sis0 from !192.168.1.0/24 to any
>@10 block in log quick on ng0 from 10.0.0.0/8 to any
>@11 block in log quick on ng0 from 127.0.0.0/8 to any
>@12 block in log quick on ng0 from 172.16.0.0/12 to any
>@13 block in log quick on ng0 from 192.168.0.0/16 to any
>@14 skip 1 in proto tcp from any to any flags S/FSRA
>@15 block in log quick proto tcp from any to any
>@16 block in log quick on sis0 from any to any head 100
>@1 pass in quick from 192.168.1.0/24 to 192.168.1.1/32 keep state group 100
>@2 pass in log first quick from 192.168.1.0/24 to any keep state keep
>frags group 100
>@17 block in log quick on ng0 from any to any head 200
>@18 block in log quick from any to any
>
>unparsed ipnat rules
>
>map ng0 192.168.1.0/24  -> 0/32 proxy port ftp ftp/tcp
>map ng0 192.168.1.0/24  -> 0/32 portmap tcp/udp auto
>map ng0 192.168.1.0/24  -> 0/32
>
>unparsed ipfilter rules
>
># loopback
>pass in quick on lo0 all
>pass out quick on lo0 all
>
># block short packets
>block in log quick all with short
>
># block IP options
>block in log quick all with ipopts
>
># allow access to DHCP server on LAN
>pass in quick on sis0 proto udp from any port = 68 to 255.255.255.255 port
>= 67
>pass in quick on sis0 proto udp from any port = 68 to 192.168.1.1 port = 67
>pass out quick on sis0 proto udp from 192.168.1.1 port = 67 to any port = 68
>
># WAN spoof check
>block in log quick on ng0 from 192.168.1.0/24 to any
>
># allow our DHCP client out to the WAN
># XXX - should be more restrictive
># (not possible at the moment - need 'me' like in ipfw)
>pass out quick on ng0 proto udp from any port = 68 to any port = 67
>block in log quick on ng0 proto udp from any port = 67 to 192.168.1.0/24
>port = 68
>pass in quick on ng0 proto udp from any port = 67 to any port = 68
>
># LAN/OPT spoof check (needs to be after DHCP because of broadcast addresses)
>block in log quick on sis0 from ! 192.168.1.0/24 to any
>
># block anything from private networks on WAN interface
>block in log quick on ng0 from 10.0.0.0/8 to any
>block in log quick on ng0 from 127.0.0.0/8 to any
>block in log quick on ng0 from 172.16.0.0/12 to any
>block in log quick on ng0 from 192.168.0.0/16 to any
>
># Block TCP packets that do not mark the start of a connection
>skip 1 in proto tcp all flags S/SAFR
>block in log quick proto tcp all
>
>#---------------------------------------------------------------------------
># group head 100 - LAN interface
>#---------------------------------------------------------------------------
>block in log quick on sis0 all head 100
>
># let out anything from the firewall host itself and decrypted IPsec traffic
>pass out quick on sis0 all keep state
>
>#---------------------------------------------------------------------------
># group head 200 - WAN interface
>#---------------------------------------------------------------------------
>block in log quick on ng0 all head 200
>
># let out anything from the firewall host itself and decrypted IPsec traffic
>pass out quick on ng0 all keep state
>
># make sure the user cannot lock himself out of the webGUI
>pass in quick from 192.168.1.0/24 to 192.168.1.1 keep state group 100
>
># User-defined rules follow
>pass in log first quick from 192.168.1.0/24 to any keep state keep frags
>group 100
>
>#---------------------------------------------------------------------------
># default rules (just to be sure)
>#---------------------------------------------------------------------------
>block in log quick all
>block out log quick all
>
>unparsed ipfw rules
>
>add 50000 set 4 pass all from 192.168.1.1 to any
>add 50001 set 4 pass all from any to 192.168.1.1
>
>resolv.conf
>
>domain local
>nameserver 202.93.160.11
>nameserver 202.93.176.133
>
>Processes
>
>USER     PID %CPU %MEM   VSZ  RSS  TT  STAT STARTED      TIME COMMAND
>root     335 42.0  5.2  6664 5996  ??  SN    6:59AM   0:00.93
>/usr/local/bin/php status.php
>root     357  0.0  0.8  1332  876  ??  SN    6:59AM   0:00.02 sh -c ps
>xauww 2>&1
>root     336  0.0  1.1  2256 1296  ??  S     6:59AM   0:00.05
>/usr/local/sbin/mini_httpd -c **.php|**.cgi -u root -maxproc 16 -i
>/var/run/mini_httpd.pid
>root     240  0.0  0.7  1104  788  ??  I     6:31AM   0:00.02
>/usr/local/bin/msntp -r -P no -l /var/run/msntp.pid -x 300 pool.ntp.org
>root     125  0.0  0.8  1336  904  ??  I     6:30AM   0:00.03 /bin/sh
>/etc/rc.initial console
>root     101  0.0  0.8  1332  872  d0- I     6:30AM   0:00.12 /bin/sh
>/usr/local/bin/runmsntp.sh /var/run/runmsntp.pid /var/run/msntp.pid 300 
>pool.ntp.org
>root      97  0.0  1.3  1808 1508  ??  Is    6:30AM   0:00.02
>/usr/local/sbin/dhcpd -cf /var/etc/dhcpd.conf sis0
>nobody    95  0.0  0.7  1012  780  ??  I     6:30AM   0:00.11
>/usr/local/sbin/dnsmasq
>root      90  0.0  1.1  2248 1220  ??  Ss    6:30AM   0:00.08
>/usr/local/sbin/mini_httpd -c **.php|**.cgi -u root -maxproc 16 -i
>/var/run/mini_httpd.pid
>root      87  0.0  0.6  1004  708  ??  Ss    6:30AM   0:00.27
>/usr/sbin/syslogd -ss
>root      82  0.0  1.1  1456 1240  ??  Ss    6:30AM   0:00.25 /sbin/ipmon -sD
>root      71  0.0  1.2  2256 1348  ??  Ss    6:30AM   0:00.23
>/usr/local/sbin/mpd -b -d /var/etc -p /var/run/mpd.pid pppoe
>root       9  0.0  0.0     0    0  ??  DL    6:30AM   0:00.02  (vnlru)
>root       8  0.0  0.0     0    0  ??  DL    6:30AM   0:00.06  (syncer)
>root       7  0.0  0.0     0    0  ??  DL    6:30AM   0:00.02  (bufdaemon)
>root       6  0.0  0.0     0    0  ??  DL    6:30AM   0:00.00  (pagedaemon)
>root       5  0.0  0.0     0    0  ??  DL    6:30AM   0:00.00  (usbtask)
>root       4  0.0  0.0     0    0  ??  DL    6:30AM   0:00.00  (usb0)
>root       3  0.0  0.0     0    0  ??  DL    6:30AM   0:00.00  (taskqueue)
>root       2  0.0  0.0     0    0  ??  DL    6:30AM   0:00.00  (cryptoret)
>root       1  0.0  0.6  1060  716  ??  ILs   6:30AM   0:00.04 /sbin/init --
>root     358  0.0  0.6  1080  640  ??  RN    6:59AM   0:00.00 ps xauww
>root       0  0.0  0.0     0    0  ??  DLs   6:30AM   0:00.00  (swapper)
>
>dhcpd.conf
>
>option domain-name "local";
>default-lease-time 7200;
>max-lease-time 86400;
>authoritative;
>log-facility local7;
>ddns-update-style none;
>subnet 192.168.1.0 netmask 255.255.255.0 {
>	pool {
>		range 192.168.1.100 192.168.1.199;
>	}
>	option routers 192.168.1.1;
>	option domain-name-servers 192.168.1.1;
>}
>
>ez-ipupdate.cache
>
>cat: /conf/ez-ipupdate.cache: No such file or directory
>
>df
>
>Filesystem 512-blocks  Used Avail Capacity  Mounted on
>/dev/md0c       21758 20188  1570    93%    /
>procfs              8     8     0   100%    /proc
>/dev/ad0a       11838  9516  2322    80%    /cf
>
>racoon.conf
>
>cat: /var/etc/racoon.conf: No such file or directory
>
>SPD
>
>No SPD entries.
>
>SAD
>
>No SAD entries.
>
>last 200 system log entries
>Sep 29 06:31:00 m0n0wall mpd: [pppoe] PPPoE connection timeout after 9
>seconds
>Sep 29 06:31:00 m0n0wall mpd: [pppoe] device: DOWN event in state OPENING
>Sep 29 06:31:00 m0n0wall mpd: [pppoe] device is now in state DOWN
>Sep 29 06:31:00 m0n0wall mpd: [pppoe] link: DOWN event
>Sep 29 06:31:00 m0n0wall mpd: [pppoe] LCP: Down event
>Sep 29 06:31:00 m0n0wall mpd: [pppoe] device: OPEN event in state DOWN
>Sep 29 06:31:00 m0n0wall mpd: [pppoe] pausing 4 seconds before open
>Sep 29 06:31:00 m0n0wall mpd: [pppoe] device is now in state DOWN
>Sep 29 06:31:04 m0n0wall mpd: [pppoe] device: OPEN event in state DOWN
>Sep 29 06:31:04 m0n0wall mpd: [pppoe] pausing 1 seconds before open
>Sep 29 06:31:04 m0n0wall mpd: [pppoe] device is now in state DOWN
>Sep 29 06:31:05 m0n0wall mpd: [pppoe] device: OPEN event in state DOWN
>Sep 29 06:31:05 m0n0wall mpd: [pppoe] device is now in state OPENING
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] rec'd ACNAME "nkw4-kent"
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] PPPoE connection successful
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] device: UP event in state OPENING
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] device is now in state UP
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] link: UP event
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] link: origination is local
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] LCP: Up event
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] LCP: state change Starting --> Req-Sent
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] LCP: phase shift DEAD --> ESTABLISH
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] LCP: SendConfigReq #1
>Sep 29 06:31:07 m0n0wall mpd:  MRU 1492
>Sep 29 06:31:07 m0n0wall mpd:  MAGICNUM 49d1e3a8
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] LCP: rec'd Configure Request #7 link
>0 (Req-Sent)
>Sep 29 06:31:07 m0n0wall mpd:  MAGICNUM 46ce47a4
>Sep 29 06:31:07 m0n0wall mpd:  MRU 1500
>Sep 29 06:31:07 m0n0wall mpd:  AUTHPROTO CHAP MD5
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] LCP: SendConfigAck #7
>Sep 29 06:31:07 m0n0wall mpd:  MAGICNUM 46ce47a4
>Sep 29 06:31:07 m0n0wall mpd:  MRU 1500
>Sep 29 06:31:07 m0n0wall mpd:  AUTHPROTO CHAP MD5
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] LCP: state change Req-Sent --> Ack-Sent
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] LCP: rec'd Configure Ack #1 link 0
>(Ack-Sent)
>Sep 29 06:31:07 m0n0wall mpd:  MRU 1492
>Sep 29 06:31:07 m0n0wall mpd:  MAGICNUM 49d1e3a8
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] LCP: state change Ack-Sent --> Opened
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] LCP: phase shift ESTABLISH -->
>AUTHENTICATE
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] LCP: auth: peer wants CHAP, I want
>nothing
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] LCP: LayerUp
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] CHAP: rec'd CHALLENGE #1
>Sep 29 06:31:07 m0n0wall mpd:  Name: "nkw4-kent"
>Sep 29 06:31:07 m0n0wall mpd:  Using authname "c0264951580 at nbdsl dot net"
>Sep 29 06:31:07 m0n0wall mpd: [pppoe] CHAP: sending RESPONSE
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] LCP: rec'd Configure Request #1 link
>0 (Opened)
>Sep 29 06:31:08 m0n0wall mpd:  AUTHPROTO PAP
>Sep 29 06:31:08 m0n0wall mpd:  MAGICNUM 60ab0773
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] LCP: LayerDown
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] LCP: SendConfigReq #2
>Sep 29 06:31:08 m0n0wall mpd:  MRU 1492
>Sep 29 06:31:08 m0n0wall mpd:  MAGICNUM 49d1e3a8
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] LCP: SendConfigAck #1
>Sep 29 06:31:08 m0n0wall mpd:  AUTHPROTO PAP
>Sep 29 06:31:08 m0n0wall mpd:  MAGICNUM 60ab0773
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] LCP: state change Opened --> Ack-Sent
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] LCP: phase shift AUTHENTICATE -->
>ESTABLISH
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] LCP: rec'd Configure Ack #2 link 0
>(Ack-Sent)
>Sep 29 06:31:08 m0n0wall mpd:  MRU 1492
>Sep 29 06:31:08 m0n0wall mpd:  MAGICNUM 49d1e3a8
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] LCP: state change Ack-Sent --> Opened
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] LCP: phase shift ESTABLISH -->
>AUTHENTICATE
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] LCP: auth: peer wants PAP, I want
>nothing
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] PAP: using authname
>"c0264951580 at nbdsl dot net"
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] PAP: sending REQUEST
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] LCP: LayerUp
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] PAP: rec'd ACK #1
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] LCP: authorization successful
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] LCP: phase shift AUTHENTICATE -->
>NETWORK
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] setting interface ng0 MTU to 1492 bytes
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] up: 1 link, total bandwidth 64000 bps
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] IPCP: Up event
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] IPCP: state change Starting -->
>Req-Sent
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] IPCP: SendConfigReq #1
>Sep 29 06:31:08 m0n0wall mpd:  IPADDR 0.0.0.0
>Sep 29 06:31:08 m0n0wall mpd:  COMPPROTO VJCOMP, 16 comp. channels, no
>comp-cid
>Sep 29 06:31:08 m0n0wall mpd:  PRIDNS 0.0.0.0
>Sep 29 06:31:08 m0n0wall mpd:  SECDNS 0.0.0.0
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] IPCP: rec'd Configure Request #1
>link 0 (Req-Sent)
>Sep 29 06:31:08 m0n0wall mpd:  COMPPROTO VJCOMP, 16 comp. channels, no
>comp-cid
>Sep 29 06:31:08 m0n0wall mpd:  IPADDR 202.93.160.4
>Sep 29 06:31:08 m0n0wall mpd:    202.93.160.4 is OK
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] IPCP: SendConfigAck #1
>Sep 29 06:31:08 m0n0wall mpd:  COMPPROTO VJCOMP, 16 comp. channels, no
>comp-cid
>Sep 29 06:31:08 m0n0wall mpd:  IPADDR 202.93.160.4
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] IPCP: state change Req-Sent -->
>Ack-Sent
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] IPCP: rec'd Configure Nak #1 link 0
>(Ack-Sent)
>Sep 29 06:31:08 m0n0wall mpd:  IPADDR 202.87.30.12
>Sep 29 06:31:08 m0n0wall mpd:    202.87.30.12 is OK
>Sep 29 06:31:08 m0n0wall mpd:  PRIDNS 202.93.160.11
>Sep 29 06:31:08 m0n0wall mpd:  SECDNS 202.93.176.133
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] IPCP: SendConfigReq #2
>Sep 29 06:31:08 m0n0wall mpd:  IPADDR 202.87.30.12
>Sep 29 06:31:08 m0n0wall mpd:  COMPPROTO VJCOMP, 16 comp. channels, no
>comp-cid
>Sep 29 06:31:08 m0n0wall mpd:  PRIDNS 202.93.160.11
>Sep 29 06:31:08 m0n0wall mpd:  SECDNS 202.93.176.133
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] IPCP: rec'd Configure Ack #2 link 0
>(Ack-Sent)
>Sep 29 06:31:08 m0n0wall mpd:  IPADDR 202.87.30.12
>Sep 29 06:31:08 m0n0wall mpd:  COMPPROTO VJCOMP, 16 comp. channels, no
>comp-cid
>Sep 29 06:31:08 m0n0wall mpd:  PRIDNS 202.93.160.11
>Sep 29 06:31:08 m0n0wall mpd:  SECDNS 202.93.176.133
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] IPCP: state change Ack-Sent --> Opened
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] IPCP: LayerUp
>Sep 29 06:31:08 m0n0wall mpd:   202.87.30.12 -> 202.93.160.4
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] IFACE: Up event
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] setting interface ng0 MTU to 1492 bytes
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] exec: /sbin/ifconfig ng0
>202.87.30.12 202.93.160.4 netmask 0xffffffff -link0
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] exec: /sbin/route add 202.87.30.12
>-iface lo0
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] exec: /sbin/route add 0.0.0.0
>202.93.160.4
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] exec: /usr/local/sbin/ppp-linkup ng0
>inet 202.87.30.12 202.93.160.4 c0264951580 at nbdsl dot net dns1 202.93.160.11
>dns2 202.93.176.133
>Sep 29 06:31:08 m0n0wall mpd: [pppoe] IFACE: Up event
>Sep 29 06:31:10 m0n0wall mpd: [pppoe] rec'd signal usr1, opening
>Sep 29 06:31:10 m0n0wall mpd: [pppoe] IPCP: Open event
>Sep 29 06:31:10 m0n0wall mpd: [pppoe] bundle: OPEN event in state OPENED
>Sep 29 06:31:10 m0n0wall mpd: [pppoe] opening link "pppoe"...
>Sep 29 06:31:10 m0n0wall mpd: [pppoe] link: OPEN event
>Sep 29 06:31:10 m0n0wall mpd: [pppoe] LCP: Open event
>Sep 29 06:31:13 m0n0wall dnsmasq[95]: reading /etc/resolv.conf
>Sep 29 06:31:13 m0n0wall dnsmasq[95]: using nameserver 202.93.176.133#53
>Sep 29 06:31:13 m0n0wall dnsmasq[95]: using nameserver 202.93.160.11#53
>
>last 50 filter log entries
>
>Sep 29 06:54:20 m0n0wall ipmon[82]: 06:54:19.325386 13x sis0 @0:9 b
>192.168.0.1,1900 -> 239.255.255.250,1900 PR udp len 20 280 IN
>Sep 29 06:54:40 m0n0wall ipmon[82]: 06:54:39.326223 13x sis0 @0:9 b
>192.168.0.1,1900 -> 239.255.255.250,1900 PR udp len 20 280 IN
>Sep 29 06:54:41 m0n0wall ipmon[82]: 06:54:41.116724 sis0 @100:2 p
>192.168.1.198,3625 -> 64.233.187.99,80 PR tcp len 20 48 -S K-S K-F IN
>Sep 29 06:54:44 m0n0wall ipmon[82]: 06:54:44.197652 sis0 @100:2 p
>192.168.1.198,3626 -> 202.61.12.230,53 PR udp len 20 88 K-S K-F IN
>Sep 29 06:55:00 m0n0wall ipmon[82]: 06:54:59.327183 13x sis0 @0:9 b
>192.168.0.1,1900 -> 239.255.255.250,1900 PR udp len 20 280 IN
>Sep 29 06:55:09 m0n0wall ipmon[82]: 06:55:08.379767 sis0 @100:2 p
>192.168.1.198,3627 -> 64.233.187.99,80 PR tcp len 20 48 -S K-S K-F IN
>Sep 29 06:55:17 m0n0wall ipmon[82]: 06:55:16.916027 sis0 @100:2 p
>192.168.1.198,3628 -> 80.238.135.125,80 PR tcp len 20 48 -S K-S K-F IN
>Sep 29 06:55:19 m0n0wall ipmon[82]: 06:55:19.068381 sis0 @100:2 p
>192.168.1.198,3629 -> 64.233.187.99,80 PR tcp len 20 48 -S K-S K-F IN
>Sep 29 06:55:19 m0n0wall ipmon[82]: 06:55:19.328195 13x sis0 @0:9 b
>192.168.0.1,1900 -> 239.255.255.250,1900 PR udp len 20 280 IN
>Sep 29 06:55:39 m0n0wall ipmon[82]: 06:55:39.329323 13x sis0 @0:9 b
>192.168.0.1,1900 -> 239.255.255.250,1900 PR udp len 20 280 IN
>Sep 29 06:55:45 m0n0wall ipmon[82]: 06:55:44.714377 sis0 @100:2 p
>192.168.1.198,3630 -> 202.61.12.230,53 PR udp len 20 88 K-S K-F IN
>Sep 29 06:55:59 m0n0wall ipmon[82]: 06:55:59.330409 13x sis0 @0:9 b
>192.168.0.1,1900 -> 239.255.255.250,1900 PR udp len 20 280 IN
>Sep 29 06:56:18 m0n0wall ipmon[82]: 06:56:17.620397 sis0 @100:2 p
>192.168.1.199,2609 -> 12.120.29.14,80 PR tcp len 20 48 -S K-S K-F IN
>Sep 29 06:56:18 m0n0wall ipmon[82]: 06:56:17.899137 2x sis0 @0:9 b
>10.1.3.3,138 -> 10.1.3.255,138 PR udp len 20 243 IN
>Sep 29 06:56:19 m0n0wall ipmon[82]: 06:56:19.331549 13x sis0 @0:9 b
>192.168.0.1,1900 -> 239.255.255.250,1900 PR udp len 20 280 IN
>Sep 29 06:56:34 m0n0wall ipmon[82]: 06:56:33.785362 sis0 @100:2 p
>192.168.1.198,3631 -> 12.120.29.14,80 PR tcp len 20 48 -S K-S K-F IN
>Sep 29 06:56:35 m0n0wall ipmon[82]: 06:56:34.716231 sis0 @100:2 p
>192.168.1.198,3632 -> 202.61.12.230,53 PR udp len 20 80 K-S K-F IN
>Sep 29 06:56:39 m0n0wall ipmon[82]: 06:56:39.332600 13x sis0 @0:9 b
>192.168.0.1,1900 -> 239.255.255.250,1900 PR udp len 20 280 IN
>Sep 29 06:56:46 m0n0wall ipmon[82]: 06:56:45.971415 sis0 @100:2 p
>192.168.1.198,3633 -> 202.61.12.230,53 PR udp len 20 88 K-S K-F IN
>Sep 29 06:56:59 m0n0wall ipmon[82]: 06:56:59.333681 13x sis0 @0:9 b
>192.168.0.1,1900 -> 239.255.255.250,1900 PR udp len 20 280 IN
>Sep 29 06:57:19 m0n0wall ipmon[82]: 06:57:19.334404 13x sis0 @0:9 b
>192.168.0.1,1900 -> 239.255.255.250,1900 PR udp len 20 280 IN
>Sep 29 06:57:30 m0n0wall ipmon[82]: 06:57:30.260961 sis0 @100:2 p
>192.168.1.198,3634 -> 65.54.239.80,1863 PR tcp len 20 48 -S K-S K-F IN
>Sep 29 06:57:35 m0n0wall ipmon[82]: 06:57:34.859019 sis0 @100:2 p
>192.168.1.198,3635 -> 207.46.2.87,1863 PR tcp len 20 48 -S K-S K-F IN
>Sep 29 06:57:39 m0n0wall ipmon[82]: 06:57:39.193446 sis0 @100:2 p
>192.168.1.198,3636 -> 65.54.179.192,80 PR tcp len 20 48 -S K-S K-F IN
>Sep 29 06:57:39 m0n0wall ipmon[82]: 06:57:39.335445 13x sis0 @0:9 b
>192.168.0.1,1900 -> 239.255.255.250,1900 PR udp len 20 280 IN
>Sep 29 06:57:45 m0n0wall ipmon[82]: 06:57:44.609243 sis0 @100:2 p
>192.168.1.198,3637 -> 207.68.177.126,80 PR tcp len 20 48 -S K-S K-F IN
>Sep 29 06:57:48 m0n0wall ipmon[82]: 06:57:47.628051 sis0 @100:2 p
>192.168.1.198,3638 -> 64.4.12.200,7001 PR udp len 20 48 K-S K-F IN
>Sep 29 06:57:48 m0n0wall ipmon[82]: 06:57:47.630364 sis0 @100:2 p
>192.168.1.198,3639 -> 64.4.12.200,7001 PR udp len 20 48 K-S K-F IN
>Sep 29 06:57:48 m0n0wall ipmon[82]: 06:57:47.658014 sis0 @100:2 p
>192.168.1.198,3640 -> 207.68.178.61,80 PR tcp len 20 48 -S K-S K-F IN
>Sep 29 06:57:48 m0n0wall ipmon[82]: 06:57:47.663615 sis0 @100:2 p
>192.168.1.198,3641 -> 207.68.178.61,80 PR tcp len 20 48 -S K-S K-F IN
>Sep 29 06:57:48 m0n0wall ipmon[82]: 06:57:47.702175 sis0 @100:2 p
>192.168.1.198,3642 -> 65.54.157.111,80 PR tcp len 20 48 -S K-S K-F IN
>Sep 29 06:57:48 m0n0wall ipmon[82]: 06:57:48.067637 sis0 @100:2 p
>192.168.1.198,3644 -> 210.9.72.175,80 PR tcp len 20 48 -S K-S K-F IN
>Sep 29 06:57:51 m0n0wall ipmon[82]: 06:57:50.574209 sis0 @100:2 p
>192.168.1.198,3639 -> 64.4.12.201,9 PR udp len 20 28 K-S K-F IN
>Sep 29 06:57:51 m0n0wall ipmon[82]: 06:57:50.780989 3x ng0 @0:17 b
>64.4.12.201,7001 -> 202.87.30.12,51031 PR udp len 20 48 IN
>Sep 29 06:57:52 m0n0wall ipmon[82]: 06:57:52.298174 ng0 @0:17 b
>64.4.12.201,7001 -> 202.87.30.12,51031 PR udp len 20 48 IN
>Sep 29 06:57:54 m0n0wall ipmon[82]: 06:57:53.942769 ng0 @0:17 b
>64.4.12.201,7001 -> 202.87.30.12,51031 PR udp len 20 48 IN
>Sep 29 06:57:57 m0n0wall ipmon[82]: 06:57:56.947377 sis0 @100:2 p
>192.168.1.198,3639 -> 64.4.12.201,7001 PR udp len 20 48 K-S K-F IN
>Sep 29 06:57:59 m0n0wall ipmon[82]: 06:57:59.336523 13x sis0 @0:9 b
>192.168.0.1,1900 -> 239.255.255.250,1900 PR udp len 20 280 IN
>Sep 29 06:58:12 m0n0wall ipmon[82]: 06:58:11.715830 sis0 @100:2 p
>192.168.1.198,3645 -> 202.61.12.230,53 PR udp len 20 88 K-S K-F IN
>Sep 29 06:58:19 m0n0wall ipmon[82]: 06:58:19.337598 13x sis0 @0:9 b
>192.168.0.1,1900 -> 239.255.255.250,1900 PR udp len 20 280 IN
>Sep 29 06:58:37 m0n0wall ipmon[82]: 06:58:37.506578 sis0 @100:2 p
>192.168.1.199,2610 -> 12.120.29.14,80 PR tcp len 20 48 -S K-S K-F IN
>Sep 29 06:58:39 m0n0wall ipmon[82]: 06:58:39.338566 13x sis0 @0:9 b
>192.168.0.1,1900 -> 239.255.255.250,1900 PR udp len 20 280 IN
>Sep 29 06:58:54 m0n0wall ipmon[82]: 06:58:53.801950 sis0 @100:2 p
>192.168.1.198,3646 -> 12.120.29.14,80 PR tcp len 20 48 -S K-S K-F IN
>Sep 29 06:58:59 m0n0wall ipmon[82]: 06:58:59.339271 13x sis0 @0:9 b
>192.168.0.1,1900 -> 239.255.255.250,1900 PR udp len 20 280 IN
>Sep 29 06:59:19 m0n0wall ipmon[82]: 06:59:19.339909 13x sis0 @0:9 b
>192.168.0.1,1900 -> 239.255.255.250,1900 PR udp len 20 280 IN
>Sep 29 06:59:27 m0n0wall ipmon[82]: 06:59:26.965798 sis0 @100:2 p
>192.168.1.198,3647 -> 202.61.12.230,53 PR udp len 20 88 K-S K-F IN
>Sep 29 06:59:31 m0n0wall ipmon[82]: 06:59:31.300565 sis0 @0:9 b
>10.1.3.30,138 -> 10.1.3.255,138 PR udp len 20 229 IN
>Sep 29 06:59:32 m0n0wall ipmon[82]: 06:59:32.464201 sis0 @100:2 p
>192.168.1.198,3648 -> 80.238.135.125,80 PR tcp len 20 48 -S K-S K-F IN
>Sep 29 06:59:39 m0n0wall ipmon[82]: 06:59:39.340671 13x sis0 @0:9 b
>192.168.0.1,1900 -> 239.255.255.250,1900 PR udp len 20 280 IN
>Sep 29 06:59:40 m0n0wall ipmon[82]: 06:59:40.286943 sis0 @100:2 p
>192.168.1.198,3649 -> 64.233.187.99,80 PR tcp len 20 48 -S K-S K-F IN
>
>ls /conf
>
>config.xml
>
>ls /var/run
>
>dev.db
>dhcpd.pid
>dnsmasq.pid
>htpasswd
>ipmon.pid
>ld-elf.so.hints
>log
>mini_httpd.pid
>mpd.pid
>msntp.pid
>runmsntp.pid
>syslog.pid
>utmp
>
>config.xml
>
><?xml version="1.0"?>
><m0n0wall>
>    <version>1.5</version>
>    <lastchange>1127975644</lastchange>
>    <system>
>        <hostname>m0n0wall</hostname>
>        <domain>local</domain>
>        <dnsserver/>
>        <dnsallowoverride/>
>        <username>admin</username>
>        <password>xxxxx</password>
>        <timezone>Etc/UTC</timezone>
>        <time-update-interval>300</time-update-interval>
>        <timeservers>pool.ntp.org</timeservers>
>        <webgui>
>            <protocol>http</protocol>
>        </webgui>
>    </system>
>    <interfaces>
>        <lan>
>            <if>sis0</if>
>            <ipaddr>192.168.1.1</ipaddr>
>            <subnet>24</subnet>
>            <media/>
>            <mediaopt/>
>        </lan>
>        <wan>
>            <if>sis1</if>
>            <mtu/>
>            <blockpriv/>
>            <media/>
>            <mediaopt/>
>            <ipaddr>pppoe</ipaddr>
>            <spoofmac/>
>        </wan>
>    </interfaces>
>    <staticroutes/>
>    <pppoe>
>        <username>xxxxx at nbdsl dot net</username>
>        <password>xxxxx</password>
>        <provider/>
>        <timeout/>
>    </pppoe>
>    <pptp/>
>    <bigpond/>
>    <dyndns>
>        <type>dyndns</type>
>        <username/>
>        <password/>
>        <host/>
>        <mx/>
>        <server/>
>        <port/>
>    </dyndns>
>    <dnsupdate/>
>    <dhcpd>
>        <lan>
>            <enable/>
>            <range>
>                <from>192.168.1.100</from>
>                <to>192.168.1.199</to>
>            </range>
>        </lan>
>    </dhcpd>
>    <pptpd>
>        <mode/>
>        <redir/>
>        <localip/>
>        <remoteip/>
>    </pptpd>
>    <ovpn/>
>    <dnsmasq>
>        <enable/>
>    </dnsmasq>
>    <snmpd>
>        <syslocation/>
>        <syscontact/>
>        <rocommunity>public</rocommunity>
>    </snmpd>
>    <diag>
>        <ipv6nat>
>            <ipaddr/>
>        </ipv6nat>
>    </diag>
>    <bridge/>
>    <syslog/>
>    <nat/>
>    <filter>
>        <rule>
>            <type>pass</type>
>            <interface>lan</interface>
>            <source>
>                <network>lan</network>
>            </source>
>            <destination>
>                <any/>
>            </destination>
>            <log/>
>            <frags/>
>            <descr>Default LAN -&gt; any</descr>
>        </rule>
>    </filter>
>    <shaper/>
>    <ipsec/>
>    <aliases/>
>    <proxyarp/>
>    <wol/>
></m0n0wall>
>
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>  
>