Any changes in kernels the last month (Iptables related)
Joshua R. Poulson
jrp at pun.org
Fri Sep 5 14:17:55 UTC 2014
Have you considered the possibility of the iptables hack?
http://www.prolexic.com/knowledge-center-ddos-threat-advisory-iptables-iptablex-linux-bots-botnet-cybersecurity.html
--jrp
On Fri, Sep 5, 2014 at 6:58 AM, Doug Smythies <dsmythies at telus.net> wrote:
>
> On 2014.09.05 01:10 Kim Emax wrote:
>
> > I was wondering if there´s been any changed in the later kernels?
> >
> > I´m using a ubuntu server with tow nics as a router, firewall, DHCP etc.
> > The last month out of nowhere and without any changes (other > than
> regular
> > updates from apt) my LAN has been fucked on upload (0.07mbit), while the
> WAN
> > has +40Mbit. I´ve rebooted switches and WLAN > router, changed the LAN
> nic and
> > has a laptop directly to the router, no luck.
> > By changing in the iptables rules i´ve managed to tweak the LAN upload
> to 1-2mbit,
> > still works really bad on LAN though. Taking a test > at
> hastighedstest.tdc.dk shows
> > NO speed at first, then after a while it goes up a bit up to 3mbit, then
> falls back
> > and stays around > 1mbit. Wierd behaviour.
> > Current Kernel: 3.2.0-67-generic, Ubuntu 12.04
>
> Yes, the same thing happened to my Ubuntu 12.04 server which is my main
> router to
> my LAN with the same kernel.
>
> The lost time and frustration trying to figure it out was staggering.
> I also suffered significant collateral damage.
>
> In my case the root issue was MTU and some new enforcement thereof, giving
> a lot
> ICMP packets saying something like:
> "ICMP port unreachable, packet too long and don't fragment bit is set"
>
> O.K. so the real root issue is that some clients (windows clients and only
> a
> couple of NIC cards (it seems)) ignore the MTU and send larger packets.
>
> Anyway, and in my case, the issue is resolved in the next kernel, or by
> going back to the previous kernel.
>
> Linux doug-64 3.2.0-68-generic #102-Ubuntu SMP Tue Aug 12 22:02:15 UTC
> 2014 x86_64 x86_64 x86_64 GNU/Linux
>
> ... Doug
>
>
>
> --
> ubuntu-server mailing list
> ubuntu-server at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
> More info: https://wiki.ubuntu.com/ServerTeam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-server/attachments/20140905/4ccead0f/attachment.html>
More information about the ubuntu-server
mailing list