Re: port 110 very slow



Peter Lowrie wrote:

Peter Lowrie wrote:

(-- quote pruned, TV --)


Hi I hope you can shed some light on this.

I installed a firewall/gateway on an AMD 1.1gHz PC with 256M RAM, 20G HDD
RTL8139 (rtl8139too driver) as eth1 internet facing and 3Com 3C59x eth0
lan facing.

The OS is Mandrake 8.2 being the only distro that would actually boot.

Now port 80 (http) works fine so does port 25. The trouble is with port 110
not receiving emails at proper speeds, 'tis very slow. Eth1 connects to a
Motorola Surfboard cable modem. Here is chkconfig --list


Your server for POP3 (TCP/110) may attempt to identify the
TCP connection user with the IDENT protocol (TCP/113).

You could open the TCP port 113 for inward connections and
see if the situation changes. The security implications are
quite small, an IDENT request needs to refer to an open
TCP connection opened in the opposite direction (here: the
POP3 read at TCP/110).


(-- top-posting corrected, TV --)

Thanks Tauno

As far as I knew all ports are open anyway. Would you please instruct me on
where I should make such changes? Is it in the iptables file?

The IDENT connection will be from the server toward your
computer, so the firewall needs to accept the incoming TCP
connection.

How are your firewall rules generated? By hand / some automatic tool?

You can check the iptables rules by typing (as root)

iptables -nvL

and saving the result from stdout.

Depending on your network setup (stand-alone or router), you need
a rule in either the INPUT or FORWARD chain passing the TCP SYN
packet to port 110.

HTH

--

Tauno Voipio
tauno voipio (at) iki fi
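
The point made in the thread, that an IDENT (RFC 1413) query is only answerable when it refers to a TCP connection already open in the opposite direction, shown as an added example that is not part of the original posts. The connection table, addresses, user name and the function name `answer_ident` are constructed for illustration.

```python
import re

# Constructed table of the client's open outbound TCP connections:
# (local_port, remote_ip, remote_port) -> owning user.
# One POP3 session to a mail server at a documentation-range address.
OPEN_CONNECTIONS = {(34567, "203.0.113.10", 110): "alice"}

# RFC 1413 query: "<port-on-ident-host> , <port-on-querying-host>"
QUERY_RE = re.compile(r"^\s*(\d{1,5})\s*,\s*(\d{1,5})\s*$")


def answer_ident(query_line, querier_ip, connections=OPEN_CONNECTIONS):
    """Build the RFC 1413 reply for one query line received from querier_ip."""
    m = QUERY_RE.match(query_line.rstrip("\r\n"))
    if not m:
        # Unparsable query; echoing "0 , 0" is a choice made for this sketch.
        return "0 , 0 : ERROR : INVALID-PORT\r\n"
    local_port, remote_port = int(m.group(1)), int(m.group(2))
    prefix = f"{local_port} , {remote_port}"
    if not (1 <= local_port <= 65535 and 1 <= remote_port <= 65535):
        return f"{prefix} : ERROR : INVALID-PORT\r\n"
    # The lookup key includes the querier's address: only the host at the
    # far end of an existing connection can ask about that connection.
    owner = connections.get((local_port, querier_ip, remote_port))
    if owner is None:
        return f"{prefix} : ERROR : NO-USER\r\n"
    return f"{prefix} : USERID : UNIX : {owner}\r\n"


if __name__ == "__main__":
    # The mail server asks about the POP3 session the client opened to it.
    print(answer_ident("34567 , 110\r\n", "203.0.113.10"), end="")
    # An unrelated host sends the same query and learns nothing.
    print(answer_ident("34567 , 110\r\n", "198.51.100.7"), end="")
```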