Date: Tue, 14 Nov 2000 01:29:01 -0500 From: JT <luser@ahab.com> To: Peter Philipp <pjp@daemonium.com> Cc: Rod Taylor <rbt@zort.on.ca>, chat@gtabug.org, freebsd-stable@FreeBSD.ORG Subject: Re: gtabug - Problems with Firewall???? Message-ID: <20001114012901.C396@sseye.ahab.com> In-Reply-To: <20001114005807.C25362@daemonium.com>; from pjp@daemonium.com on Tue, Nov 14, 2000 at 12:58:07AM -0500 References: <3A10A8AE.7AD404EA@zort.on.ca> <20001114005807.C25362@daemonium.com>
next in thread | previous in thread | raw e-mail | index | archive | help
tcpdump is an excellent place to start. Certain ssh clients talking to certain ssh servers have, in my experience, resulted in funny stuff - window size going to zero and staying there - that is really best detected via tcpdump. Interference from firewall rules can be easily inferred this way, too. But occasionally it's something simpler like key regeneration on a slow machine more interested in other things - this is where ssh -v can give you hints that something is moving so slowly you it just looks stuck... On Tue, Nov 14, 2000 at 12:58:07AM -0500, Peter Philipp wrote: > On Mon, Nov 13, 2000 at 09:51:26PM -0500, Rod Taylor wrote: > > Needless to say, it's something weird with IPF, Nat, and SSH on both > > ends of the connection through the previous two... Removing either IPF [snip] > encryption algorithms? Finally perhaps ssh -v will give you better results > in trying to debug this problem. At last perhaps you can get a tcpdump of > what it's doing just before it hangs (a good thing to keep track of is window > updates and negotiations as well). -- -. --- - / . ...- . .-. -.-- / ... .. --. -. .- - ..- .-. . / .... .- ... / -- . .- -. .. -. --. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001114012901.C396>