LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 08-15-2006, 04:35 PM   #1
sohmc
Member
 
Registered: Aug 2002
Location: Alexandria
Distribution: ubuntu 12.04.2
Posts: 217

Rep: Reputation: 30
some computers responding slowly to dansguardian/squid


This is a stumper.

I've set up dansguardian 2.9.7.5 and squid 2.5. I've hit a really weird problem.

We've set it up so that all network traffic goes to the linux computer running dansguardian/squid before being routed back to the originiating computer.

Some computers on the network operate perfectly. Blocking sites like it's suppose to, letting traffic through. However, there are a two computers that are hanging. When the web browser comes up, it says "Opening page ..." and sits there for a good two minutes before loading the page.

Neither the squid logs or dansguardian logs report anything interesting. What's frustrating is that it works for some computers and not others.

For example, I run linux and windows and both work fine. The other two computers are both windows xp.

I'm hoping for some insight as to where to look for a problem. I thought it had to do with iptables. But I'm not sure anymore. Here's my iptables entry:
Code:
/usr/sbin/ip route del default via 192.168.1.2 dev br0 table 2
/usr/sbin/ip rule del fwmark 3 table 2
/usr/sbin/iptables -t mangle -A PREROUTING -j ACCEPT -p tcp --dport 80 -s 192.168.1.2
/usr/sbin/iptables -t mangle -A PREROUTING -j MARK --set-mark 3 -p tcp -m mac --mac-source 00:10:DC:E1:3D:99 --dport 80
/usr/sbin/iptables -t mangle -A PREROUTING -j MARK --set-mark 3 -p tcp -m mac --mac-source 00:13:D3:EB:9F:AB --dport 80
/usr/sbin/iptables -t mangle -A PREROUTING -j MARK --set-mark 3 -p tcp -m mac --mac-source 00:40:2B:47:B5:D5 --dport 80
/usr/sbin/ip rule add fwmark 3 table 2
/usr/sbin/ip route add default via 192.168.1.2 dev br0 table 2
Any thoughts or ideas would be greatly appreciated!
 
Old 08-16-2006, 09:01 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,345

Rep: Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945
as a netwrok tech, my first point of call would be to do some packet sniffing on the connection between the client and the server to see what is happening during this lull. Install ethereal or just use tcpdump on the server itself and run "tcpdump -vn host client.ip.address.here" and you'll see all the interations. if it's an inconsistency there could be many random things affecting it, a common one is DNS lookings timing out, and if you're sure no logs shed any light see what the wire has to say about it.
 
Old 08-20-2006, 06:23 AM   #3
sohmc
Member
 
Registered: Aug 2002
Location: Alexandria
Distribution: ubuntu 12.04.2
Posts: 217

Original Poster
Rep: Reputation: 30
thanks for the idea. I"m going to try this out and let you know.
 
Old 09-06-2006, 10:04 AM   #4
sohmc
Member
 
Registered: Aug 2002
Location: Alexandria
Distribution: ubuntu 12.04.2
Posts: 217

Original Poster
Rep: Reputation: 30
sorry for the delay in a reply...it's been a sick couple of weeks. Gettings dansguardian wasn't a high priority.

I've run tcpdump and I'm running into the same problem. It seems like the problem is in the router itself.

The setup is that there's a linux computer doing the filtering and a linksys router doing the routing.

here's the IPTABLES setup for the router:
Code:
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  192.168.1.2          anywhere            tcp dpt:www 
MARK       tcp  --  anywhere             anywhere            tcp dpt:www MARK set 0x3
The filter is on .2. The IPTABLEs is set up so that everything outside of .2 is MARKED and then sent to the filter via the `ip route` command.

When running tcpdump on the filter computer, it still hangs.

It seems the hiccup is in the router, which really doesn't make sense because other computers work correctly. I don't have tcpdump on the router to check this.

I'm very willing to hear other thoughts and ideas, because I have none!

thanks!
 
  


Reply

Tags
dansguardian, filtering, network, squid


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Connections to localhost responding very slowly walmartshopper Linux - Networking 3 04-20-2006 08:26 PM
dansguardian + squid shafey Linux - Security 2 12-31-2005 11:42 AM
squid and dansguardian on MDK 10.2 Trio3b Mandriva 1 12-27-2005 04:20 PM
Dansguardian/Squid HELP! Prizam Linux - Software 3 09-23-2005 06:30 PM
iptables, DansGuardian, and Squid. cth3 Linux - Networking 1 02-10-2005 09:04 AM


All times are GMT -5. The time now is 10:58 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration