|
||||||||
Most certainly possible, however the two subnets here are 100Mbit local area networks - I'd hope that latency should not be all that common. That said, however, at the time the packets get dropped I've noticed that at least one of the subnets gets very slow, even to the point that connecting to the firewall login page from the subnet can time out (normally seems to happen when there is large files being transferred over SMB). Can m0n0 provide details on retransmitted packets etc, or do i need to stick probes into each subnet? cheers, rhys 2008/8/8 Chris Buechler <cbuechler at gmail dot com>: > On Thu, Aug 7, 2008 at 7:56 PM, Rhys Frederick <rhys dot frederick at gmail dot com> wrote: >> Hi, >> >> I'm using a Soekris 5501 with m0n0wall and have a rule set up to pass >> traffic between 2 interfaces. The rule is set to allow traffic from >> any source IP and source port on one interface to specified ip/ports >> on the other interface. I've noticed, however, that certain packets >> still get blocked. From the logs, the only thing I can see about these >> is that they tend to have source ports > 52,000. Is there anything >> further that can be done to debug why they are being blocked? >> > > Most likely http://doc.m0n0.ch/handbook/faq-legit-traffic-dropped.html > > -Chris > > --------------------------------------------------------------------- > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch > > |