From owner-freebsd-questions Tue Aug 27 23:21:55 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 20AB037B405 for ; Tue, 27 Aug 2002 23:21:50 -0700 (PDT) Received: from mail.thundernet.cz (mail.thundernet.cz [62.77.87.114]) by mx1.FreeBSD.org (Postfix) with SMTP id AE86643E65 for ; Tue, 27 Aug 2002 23:21:48 -0700 (PDT) (envelope-from neuhauser@bellavista.cz) Received: (qmail 12049 invoked from network); 28 Aug 2002 06:21:41 -0000 Received: from unknown (HELO freepuppy.bellavista.cz) (62.168.44.50) by mail.thundernet.cz with SMTP; 28 Aug 2002 06:21:41 -0000 Received: by freepuppy.bellavista.cz (Postfix, from userid 1001) id 0ABFFE2; Wed, 28 Aug 2002 08:21:40 +0200 (CEST) Date: Wed, 28 Aug 2002 08:21:40 +0200 From: Roman Neuhauser To: Jim McAtee Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Slow loading pages ipfilter/ipnat Message-ID: <20020828062140.GP21595@freepuppy.bellavista.cz> Mail-Followup-To: Jim McAtee , freebsd-questions@FreeBSD.ORG References: <00c901c24e18$637a3450$5003a8c0@jim> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <00c901c24e18$637a3450$5003a8c0@jim> User-Agent: Mutt/1.5.1i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > From: "Jim McAtee" > To: > Subject: Slow loading pages ipfilter/ipnat > Date: Tue, 27 Aug 2002 16:23:37 -0600 > > I'm testing a firewall setup (4.6.2 Release) with ipfilter compiled > into the kernel. I'm using ipnat to go from a network with > 192.168.0.0 addressing to the public address on the external facing > interface. For testing, right now I've got ipf rules just passing all > traffic. The firewall machine has two Intel 10/100 NICs. The machine > behind the firewall from which I'm testing is running Windows 2000 > Professional. > > Everything works as expected, except when browsing web pages that > require NT authentication. They load very very slowly. Other pages > being served from the same web server, and which require no > authentication, load fast. start ipmon or ethereal, and watch the trafic. there could be something your packet filter blocks that timeouts (?) -- FreeBSD 4.6-STABLE 8:19AM up 7 days, 14:12, 17 users, load averages: 0.00, 0.02, 0.00 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message