Find the answer to your Linux question:
Page 4 of 12 FirstFirst 1 2 3 4 5 6 7 8 ... LastLast
Results 31 to 40 of 120
Sorry for the delay. I had to find a better tcp dump option. The options you gave me ended up creating a 128 meg file. The options I found to ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #31
    Just Joined!
    Join Date
    Jan 2013
    Posts
    61

    Sorry for the delay. I had to find a better tcp dump option. The options you gave me ended up creating a 128 meg file. The options I found to isolate the issue to ftp ports and dns is "tcpdump -i em0 port 21 && port 20 && port 53". Do you need more?

    Herculeon's Dump File - Pastebin.com

  2. #32
    Linux Newbie
    Join Date
    Jun 2012
    Posts
    100
    Quote Originally Posted by Herculeon View Post
    Sorry for the delay. I had to find a better tcp dump option. The options you gave me ended up creating a 128 meg file. The options I found to isolate the issue to ftp ports and dns is "tcpdump -i em0 port 21 && port 20 && port 53". Do you need more?

    Herculeon's Dump File - Pastebin.com
    Previous command was an example to illustrate tcpdump's syntax, sorry if I have not been clear about this.

    Furthermore:

    Quote Originally Posted by Rexilion's terminal says:
    Alpha ~ # tcpdump -i wlan0 port 20 && port 23
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on wlan0, link-type EN10MB (Ethernet), capture size 68 bytes
    ^C
    0 packets captured
    0 packets received by filter
    0 packets dropped by kernel
    -su: port: command not found
    You substituted the literal 'and' with the symbolic '&&'. It makes sense. However, what you don't know is that '&&' is interperted by your shell. So the only parameters that reached your tcpdump command are '-i em0 port 21'. After this, given that tcpdump returns 0, it literally executes port 20. The command 'port' does not exist on my system, and I assume neither on yours.

    What you wanted to do was:
    Code:
    tcpdump -i em0 port 21 and port 20 and port 53
    However, now you are only including what we now. I'd prefer you would exclude what you can confirm you can exclude. So that we are not missing anything.

  3. #33
    Just Joined!
    Join Date
    Jan 2013
    Posts
    61
    Ok, I made the adjustment and re-did it. If the command is not correct, let me know and I will find the nearest wall to bang my head against.

    Herculeon's Dump File - Pastebin.com

  4. #34
    Linux Newbie
    Join Date
    Jun 2012
    Posts
    100
    I can see you corrected my embarrassing mistake... I will have a look and report back to you.

  5. #35
    Linux Newbie
    Join Date
    Jun 2012
    Posts
    100
    14:22:11.791974 IP webforms.tsb.local.33926 > telecomdns.tsb.local.domain: 33975+ PTR? 58.1.16.172.in-addr.arpa. (42)
    14:22:11.792302 IP telecomdns.tsb.local.domain > webforms.tsb.local.33926: 33975* 1/0/0 PTR htcsta1.tsb.local. (73)
    14:22:11.830602 IP webforms.tsb.local.ftp > htcsta1.tsb.local.6203: Flags [.], ack 40, win 115, length 0
    14:22:26.806287 IP webforms.tsb.local.ftp > htcsta1.tsb.local.6203: Flags [P.], seq 78:101, ack 40, win 115, length 23
    14:22:26.807106 IP htcsta1.tsb.local.6203 > webforms.tsb.local.ftp: Flags [P.], seq 40:54, ack 101, win 256, length 14
    So it's not DNS (first 2 lines). As you can see the DNS comms is almost instant.

    I can see a retry with a 15 second interval there:

    14:22:11.830602 IP webforms.tsb.local.ftp > htcsta1.tsb.local.6203: Flags [.], ack 40, win 115, length 0
    14:22:26.806287 IP webforms.tsb.local.ftp > htcsta1.tsb.local.6203: Flags [P.], seq 78:101, ack 40, win 115, length 23
    That's odd... Something weird is going on the cliŽnt side if I'm not mistaken.

    I assume that:
    - webforms.tsb.local: is the FTP server
    - telecomdns.tsb.local: is the DNS server
    - htcsta1.tsb.local: is the FTP client

    I need to think about this. I ran out of viable idea's.

  6. #36
    Just Joined!
    Join Date
    Jan 2013
    Posts
    61
    your assumptions are correct. telecomdns is the primary dns server. webforms is the ftp server. htcsta1 is my mainworkstation. I have tried the connection on other pcs with the same respone as well, so i know it is not locked into my pc. maybe there is a way to reduce the 15 second retry?

  7. #37
    Linux Newbie
    Join Date
    Jun 2012
    Posts
    100
    Could you rerun this a few times and confirm it stays around 15 seconds?

  8. #38
    Just Joined!
    Join Date
    Jan 2013
    Posts
    61
    Confirmed, I get the same after running it 5 times.

  9. #39
    Linux Newbie
    Join Date
    Jun 2012
    Posts
    100
    Please, use the last 4 line vsftpd PAM file I described. Additionally, disable tcp_wrappers and try again.

    Why not disable as many bells and whistles as you can? Try that. And describe each of them in your post so we don't do useless double testing.

  10. #40
    Just Joined!
    Join Date
    Jan 2013
    Posts
    61
    sorry for the delay. the bane of office existance (stupid meetings) kicked in.

    auth required pam_permit.so - critical error could not connect to server
    account required pam_permit.so - critical error could not connect to server
    password required pam_permit.so - 10 second wait before successfully connecting
    session required pam_permit.so - 10 second wait before successfully connecting

    password required pam_permit.so and session required pam_permit.so - 10 second wait before successfully connecting
    account required pam_permit.so and password required pam_permit.so and session required pam_permit.so - critical error could not connect to server
    auth required pam_permit.so and password required pam_permit.so and session required pam_permit.so - critical error could not connect to server

    auth required pam_permit.so and session required pam_permit.so - critical error could not connect to server
    account required pam_permit.so and password required pam_permit.so - critical error could not connect to server

    all of them disabled - critical error could not connect to server

    by the way, on all tests the tcp_wrapper was disabled.

Page 4 of 12 FirstFirst 1 2 3 4 5 6 7 8 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •