Manuel Kasper wrote:
> Brandon Holland wrote:
> > Let me clarify: m0n0 even logs my dropped packets. Now, I'm not using
> > bittorrent either, but the concept is the same.
> > By the way, I should have finished reading your message before I asked
> > if you had tried any other firewalls :)
> Logged dropped packets? Well if they are logged then there was a reason
> to drop them - a block rule (or no matching pass rule). Common reason:
> - TCP packets that ipfilter considers to be out-of-window or otherwise
> unacceptable (it checks various things such as flags, 3-way handshake
> adherance, sequence/ACK numbers, etc.) and that therefore don't match an
> entry in the state table but don't have only SYN set either --> blocked
> (stateful filtering!)
For me there are no logged packets. Even a ping has 10% packet loss!
> Otherwise you'll have to use the rule numbers in the logs to find out
> which rule actually caused the packet to be dropped (ipfstat -hnio on
For me it is *not* the firewall dropping packets.
> And to those with asymmetric links: remember that any uncapped upload
> can easily "kill" your connection (render it extremely slow) - use the
> traffic shaper or limit the outbound speed in your P2P filesharing tools!
As I said, it is *not* the WAN connection, same computer with IPCop worked
without problems, even with filesharing tools. If you have too much outgoing
traffic, the round trip times grow extremely, but m0n0 drops the packets
without any notice!