Subject: Re: I can't access LUGNET through nntp today
Newsgroups: lugnet.admin.nntp
Date: Fri, 16 Mar 2001 21:02:35 GMT
Viewed: 754 times

"Dan Boger" <dan@peeron.com> wrote in message
news:3AB27414.9090303@peeron.com...
> Carlo Ottolina wrote:
> > This is a small log from my firewall, (Cisco PIX 515) where you can see that
> > the nntp server needs a TCP connection on port 113 (auth ??).
> >
> > BTW, I have the same troubles that Thomas had, but my wait is usually 30 -
> > 35 seconds long. (as you can see in the logs).
> I think it's doing ident lookups... and I think the reason you have to
> wait 30 secs or so is cause you're dropping the auth packets and not
> rejecting them... so it's waiting for an answer. if you modified your
> firewall to reject connections to port 113, it'll move on right away...
>
> I think :)
>
> Dan
Dan,
thanks for your suggestions!
Unfortunately, rejecting connections to port 113 is exactly what I am doing
now.
(See, I usually don't expose internal workstations to the internet... ;-) )
I am now accepting tcp connections on port 113 only from lugnet nntp server,
and only to my personal workstation.
Yes, I am a bit retentive, here, and I did a small network analyzer session,
to check which kind of data is requested from the server...
The only packet exiting my machine is a TCP RST ACK in response to the TCP
SYN, no problem at all.
I still do not understand the need for this back-check, but I can live with
it....
Cheers
Carlo
P.S.: the log from my firewall, accepting port 113 connections, follows:
[2001-03-16 21:37:00] <166>%PIX-6-302001: Built outbound TCP connection 407
for faddr 209.68.63.236/119 gaddr 212.92.226.141/3264 laddr
xxx.xxx.xxx.xxx/3264
[2001-03-16 21:37:00] <166>%PIX-6-302001: Built inbound TCP connection 408
for faddr 209.68.63.236/3462 gaddr 212.92.226.141/113 laddr
xxx.xxx.xxx.xxx/113
[2001-03-16 21:37:00] <166>%PIX-6-302002: Teardown TCP connection 408 faddr
209.68.63.236/3462 gaddr 212.92.226.141/113 laddr xxx.xxx.xxx.xxx/113
duration 0:00:00 bytes 0 (TCP Reset-I)
[2001-03-16 21:37:14] <166>%PIX-6-302002: Teardown TCP connection 407 faddr
209.68.63.236/119 gaddr 212.92.226.141/3264 laddr xxx.xxx.xxx.xxx/3264
duration 0:00:14 bytes 2825 (TCP Reset-I)
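
Added example, not part of the posts in this thread: a Python script that pairs the PIX 302001/302002 messages from the log above and matches each outbound NNTP session (port 119) with the ident callback (port 113) from the same server, reporting how that probe ended. The function names and the 5-second correlation window are assumptions.

```python
import re
from datetime import datetime

# Log lines from the post above, wrapped lines rejoined (laddr is masked in the post).
SAMPLE_LOG = """\
[2001-03-16 21:37:00] <166>%PIX-6-302001: Built outbound TCP connection 407 for faddr 209.68.63.236/119 gaddr 212.92.226.141/3264 laddr xxx.xxx.xxx.xxx/3264
[2001-03-16 21:37:00] <166>%PIX-6-302001: Built inbound TCP connection 408 for faddr 209.68.63.236/3462 gaddr 212.92.226.141/113 laddr xxx.xxx.xxx.xxx/113
[2001-03-16 21:37:00] <166>%PIX-6-302002: Teardown TCP connection 408 faddr 209.68.63.236/3462 gaddr 212.92.226.141/113 laddr xxx.xxx.xxx.xxx/113 duration 0:00:00 bytes 0 (TCP Reset-I)
[2001-03-16 21:37:14] <166>%PIX-6-302002: Teardown TCP connection 407 faddr 209.68.63.236/119 gaddr 212.92.226.141/3264 laddr xxx.xxx.xxx.xxx/3264 duration 0:00:14 bytes 2825 (TCP Reset-I)
"""

BUILT = re.compile(
    r"\[(?P<ts>[^\]]+)\] <\d+>%PIX-6-302001: Built (?P<dir>inbound|outbound) TCP "
    r"connection (?P<id>\d+) for faddr (?P<faddr>[\d.]+)/(?P<fport>\d+) "
    r"gaddr \S+/(?P<gport>\d+)")
TEARDOWN = re.compile(
    r"%PIX-6-302002: Teardown TCP connection (?P<id>\d+) .*"
    r"duration (?P<dur>\d+:\d\d:\d\d) bytes (?P<bytes>\d+) \((?P<reason>[^)]+)\)")

def parse(log):
    """Return {connection id: record}, pairing Built and Teardown messages."""
    conns = {}
    for line in log.splitlines():
        built, down = BUILT.search(line), TEARDOWN.search(line)
        if built:
            rec = built.groupdict()
            rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%d %H:%M:%S")
            conns[rec.pop("id")] = rec
        elif down and down["id"] in conns:
            h, m, s = map(int, down["dur"].split(":"))
            conns[down["id"]].update(seconds=h * 3600 + m * 60 + s,
                                     bytes=int(down["bytes"]), reason=down["reason"])
    return conns

def ident_callbacks(conns, window=5):
    """Match outbound NNTP sessions with ident probes; window (s) is an assumed tolerance."""
    pairs = []
    for cid, c in conns.items():
        if c["dir"] != "outbound" or c["fport"] != "119":
            continue
        for pid, p in conns.items():
            if (p["dir"] == "inbound" and p["gport"] == "113" and p["faddr"] == c["faddr"]
                    and abs((p["ts"] - c["ts"]).total_seconds()) <= window):
                pairs.append((cid, pid, p.get("seconds"), p.get("bytes"), p.get("reason")))
    return pairs

if __name__ == "__main__":
    for nntp, ident, secs, size, reason in ident_callbacks(parse(SAMPLE_LOG)):
        print(f"NNTP conn {nntp}: ident probe {ident} ended after {secs}s, {size} bytes ({reason})")
```

A probe with no Teardown record in the log is reported with None for duration, bytes and reason.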

Message has 1 Reply:
Re: I can't access LUGNET through nntp today
(...) if it's sending back a RST ACK that means the port is closed on your workstation, and that's all the server wanted to know... since from your earlier log didn't mention anything about resets being sent back to lugnet, I just assumed it was (...) (24 years ago, 16-Mar-01, to lugnet.admin.nntp)