mail# uname -v
FreeBSD 6.2-RELEASE #0: Tue Jun 5 21:38:31 MSD 2007 al@mail.c.ru:/usr/obj/usr/src/sys/GENERIC-05062007mail# ps -ax
PID TT STAT TIME COMMAND
0 ?? WLs 0:00.00 [swapper]
1 ?? ILs 0:00.01 /sbin/init --
2 ?? DL 0:33.04 [g_event]
3 ?? DL 1:08.82 [g_up]
4 ?? DL 1:08.00 [g_down]
5 ?? DL 0:00.00 [thread taskq]
6 ?? DL 0:00.00 [acpi_task_0]
7 ?? DL 0:00.00 [acpi_task_1]
8 ?? DL 0:00.00 [acpi_task_2]
9 ?? DL 0:00.00 [kqueue taskq]
10 ?? RL 13930:25.22 [idle]
11 ?? WL 0:53.37 [swi1: net]
12 ?? WL 34:20.87 [swi4: clock sio]
13 ?? WL 0:00.00 [swi3: vm]
14 ?? DL 0:38.25 [yarrow]
15 ?? WL 0:00.01 [swi6: Giant taskq]
16 ?? WL 0:00.00 [swi5: +]
17 ?? WL 0:00.00 [swi2: cambio]
18 ?? WL 0:00.00 [swi6: task queue]
19 ?? WL 0:00.00 [irq9: acpi0]
20 ?? WL 1:28.54 [irq11: fxp0 xl0+]
21 ?? WL 0:25.57 [irq14: ata0]
22 ?? WL 0:00.00 [irq15: ata1]
23 ?? DL 0:00.06 [usb0]
24 ?? DL 0:00.00 [usbtask]
25 ?? WL 0:00.00 [irq1: atkbd0]
26 ?? DL 0:03.29 [fdc0]
27 ?? WL 0:00.00 [swi0: sio]
28 ?? WL 0:00.00 [irq7: ppc0]
29 ?? DL 0:02.65 [pagedaemon]
30 ?? DL 0:00.00 [vmdaemon]
31 ?? DL 0:18.81 [pagezero]
32 ?? DL 0:04.47 [bufdaemon]
33 ?? DL 4:14.12 [syncer]
34 ?? DL 0:05.47 [vnlru]
35 ?? DL 0:13.33 [softdepflush]
36 ?? DL 0:59.90 [schedcpu]
121 ?? Is 0:00.00 adjkerntz -i
717 ?? Ss 0:00.76 /sbin/devd
825 ?? Ss 5:08.03 /sbin/natd -m -s -u -punch_fw 3001:5 -n xl0
941 ?? Ss 0:32.91 /usr/sbin/syslogd -l /var/run/log -l /var/named/var/run/log -s
1007 ?? Ss 1:05.91 /usr/sbin/named -t /var/named -u bind
1060 ?? Ss 0:00.62 /usr/local/sbin/pptpd
1105 ?? Ss 0:01.60 /usr/sbin/usbd
1112 ?? Ss 0:25.55 /usr/local/sbin/httpd -DSSL
1202 ?? Ss 0:00.94 /usr/local/sbin/dhcpd -cf /usr/local/etc/dhcpd.conf -lf /var/db/dhcpd/dhc
1208 ?? I 0:00.11 /usr/local/sbin/httpd -DSSL
1209 ?? S 0:00.17 /usr/local/sbin/httpd -DSSL
1210 ?? I 0:00.07 /usr/local/sbin/httpd -DSSL
1211 ?? I 0:00.11 /usr/local/sbin/httpd -DSSL
1212 ?? I 0:00.08 /usr/local/sbin/httpd -DSSL
1213 ?? Ss 0:32.74 /usr/local/sbin/postgrey --pidfile=/var/run/postgrey.pid --inet=10023 -d
1293 ?? Ss 1:07.24 /usr/local/libexec/postfix/master
1300 ?? Ss 2:11.03 /usr/local/cyrus/bin/master -d
1307 ?? Is 43:18.18 /usr/local/sbin/clamd
1311 ?? Is 2:10.93 /usr/local/sbin/clamsmtpd -f /usr/local/etc/clamsmtpd.conf -p /var/run/cl
1318 ?? Is 0:03.18 /usr/local/bin/freshclam --daemon -p /var/run/clamav/freshclam.pid
1337 ?? Ss 0:00.63 /usr/sbin/sshd
1344 ?? Is 0:02.95 /usr/sbin/cron -s
13943 ?? I 0:00.14 /usr/local/sbin/httpd -DSSL
39838 ?? I 0:00.01 /usr/local/sbin/httpd -DSSL
39839 ?? I 0:00.04 /usr/local/sbin/httpd -DSSL
39840 ?? I 0:00.05 /usr/local/sbin/httpd -DSSL
39841 ?? I 0:00.01 /usr/local/sbin/httpd -DSSL
77745 ?? Is 0:00.08 sshd: admleo [priv] (sshd)
77748 ?? S 0:01.01 sshd: admleo@ttyp0 (sshd)
77781 ?? S 0:00.68 qmgr -l -t fifo -u
77787 ?? S 0:00.08 anvil -l -t unix -u
78022 ?? Is 0:00.07 sshd: admleo [priv] (sshd)
78027 ?? S 0:00.39 sshd: admleo@ttyp1 (sshd)
78626 ?? S 0:00.06 smtpd -n smtp -t inet -u
78627 ?? S 0:00.03 trivial-rewrite -n rewrite -t unix -u
78628 ?? S 0:00.04 cleanup -z -t unix -u
78629 ?? S 0:00.03 smtp -n scan -t unix -u -o smtp_send_xforward_command=yes
78630 ?? S 0:00.05 [smtpd]
78632 ?? S 0:00.02 local -t unix
78635 ?? I 0:00.06 pop3d: pop3d: PCS-GT.internet2.ru
78643 ?? S 0:00.02 lmtp -t unix -u
78644 ?? S 0:00.02 pickup -l -t fifo -u
78645 ?? I 0:00.02 smtp -t unix -u
78646 ?? I 0:00.02 smtp -t unix -u
78647 ?? I 0:00.02 smtp -t unix -u
78648 ?? S 0:00.02 smtp -t unix -u
78649 ?? I 0:00.02 smtp -t unix -u
78650 ?? I 0:00.02 smtp -t unix -u
78651 ?? I 0:00.02 smtp -t unix -u
78652 ?? I 0:00.02 smtp -t unix -u
78653 ?? I 0:00.02 smtp -t unix -u
78654 ?? I 0:00.04 smtp -t unix -u
78655 ?? S 0:00.02 smtp -t unix -u
78656 ?? I 0:00.05 smtp -t unix -u
78657 ?? S 0:00.02 smtp -t unix -u
78658 ?? S 0:00.02 bounce -z -n defer -t unix -u
78659 ?? S 0:00.02 bounce -z -n defer -t unix -u
78592 v0 Is+ 0:00.00 /usr/libexec/getty Pc ttyv0
1391 v1 Is+ 0:00.00 /usr/libexec/getty Pc ttyv1
1392 v2 Is+ 0:00.00 /usr/libexec/getty Pc ttyv2
1393 v3 Is+ 0:00.00 /usr/libexec/getty Pc ttyv3
1394 v4 Is+ 0:00.00 /usr/libexec/getty Pc ttyv4
1395 v5 Is+ 0:00.00 /usr/libexec/getty Pc ttyv5
1396 v6 Is+ 0:00.00 /usr/libexec/getty Pc ttyv6
1397 v7 Is+ 0:00.00 /usr/libexec/getty Pc ttyv7
1223 con- I 0:00.01 /bin/sh /usr/local/bin/mysqld_safe --defaults-extra-file=/var/db/mysql/my
1246 con- S 5:59.58 /usr/local/libexec/mysqld --defaults-extra-file=/var/db/mysql/my.cnf --ba
77749 p0 Is 0:00.03 -csh (csh)
77751 p0 I 0:00.01 su
77752 p0 I 0:00.05 _su (csh)
77804 p0 I+ 0:14.96 ftp
78028 p1 Is 0:00.03 -csh (csh)
78030 p1 I 0:00.01 su
78031 p1 S 0:00.07 _su (csh)
78662 p1 R+ 0:00.00 ps -ax
mail#mail# top
last pid: 78774; load averages: 0.00, 0.02, 0.00 up 9+18:31:13 12:20:19
78 processes: 1 running, 77 sleeping
CPU states: 0.4% user, 0.0% nice, 0.0% system, 1.2% interrupt, 98.4% idle
Mem: 76M Active, 56M Inact, 68M Wired, 10M Cache, 34M Buf, 32M Free
Swap: 512M Total, 35M Used, 477M Free, 6% InusePID USERNAME THR PRI NICE SIZE RES STATE TIME WCPU COMMAND
1307 clamav 3 20 0 42292K 38020K kserel 43:18 0.00% clamd
1246 mysql 5 20 0 58428K 1748K kserel 6:00 0.00% mysqld
825 root 1 96 0 1604K 832K select 5:08 0.00% natd
1300 cyrus 1 96 0 3684K 1160K select 2:11 0.00% master
1311 clamav 3 20 0 3308K 1172K kserel 2:11 0.00% clamsmtpd
1293 root 1 96 0 6368K 1520K select 1:07 0.00% master
1007 bind 1 96 0 7792K 5116K select 1:06 0.00% named
941 root 1 96 0 1380K 696K select 0:33 0.00% syslogd
1213 postgrey 1 4 0 8628K 4652K select 0:33 0.00% perl5.8.8
1112 root 1 96 0 14272K 2376K select 0:26 0.00% httpd
77804 root 1 5 0 2072K 1396K ttyin 0:15 0.00% ftp
1318 clamav 1 20 0 4968K 1764K pause 0:03 0.00% freshclam
1344 root 1 8 0 1388K 736K nanslp 0:03 0.00% cron
1105 root 1 96 0 1288K 512K select 0:02 0.00% usbd
77748 admleo 1 4 0 6272K 2468K select 0:01 0.00% sshd
1202 dhcpd 1 4 0 2184K 636K select 0:01 0.00% dhcpd
717 root 1 4 0 528K 180K select 0:01 0.00% devd
77781 postfix 1 96 0 6840K 2608K select 0:01 0.00% qmgr
1337 root 1 4 0 3524K 1288K select 0:01 0.00% sshd
1060 root 1 4 0 1280K 580K select 0:01 0.00% pptpd
78027 admleo 1 96 0 6272K 2496K select 0:00 0.00% sshd
78031 root 1 20 0 4860K 2528K pause 0:00 0.00% csh
1209 www 1 4 0 14388K 2500K select 0:00 0.00% httpd
13943 www 1 20 0 14388K 2588K lockf 0:00 0.00% httpd
1208 www 1 20 0 14396K 2640K lockf 0:00 0.00% httpd
1211 www 1 20 0 14372K 2572K lockf 0:00 0.00% httpd
1212 www 1 20 0 14388K 2504K lockf 0:00 0.00% httpd
77745 root 1 4 0 6276K 2400K sbwait 0:00 0.00% sshd
77787 postfix 1 96 0 6400K 2128K select 0:00 0.00% anvil
78022 root 1 4 0 6276K 2460K sbwait 0:00 0.00% sshdКанал 128к.
mail# ipfw l
ipfw: DEPRECATED: 'l' matched 'list' as a sub-string
00100 allow ip from any to any via lo0
00200 deny log ip from any to 127.0.0.0/8
00300 deny log ip from 127.0.0.0/8 to any
00400 deny log ip from 10.1.0.0/16 to any in via xl0
00500 deny log ip from not 10.1.0.0/16 to any in via fxp0
00600 deny log ip from any to 192.168.0.0/16 via xl0
00700 deny log ip from any to 172.16.0.0/12 via xl0
00800 deny log ip from any to 10.0.0.0/8 via xl0
00900 deny ip from any to 0.0.0.0/8 via xl0
01000 deny ip from any to 169.254.0.0/16 via xl0
01100 deny ip from any to 192.0.2.0/24 via xl0
01200 deny ip from any to 224.0.0.0/4 via xl0
01300 deny ip from any to 240.0.0.0/4 via xl0
01400 allow ip from any to any in via fxp0
01500 allow ip from any to any out via fxp0
01600 allow ip from any to any via tun*
01700 divert 8668 ip from any to any via xl0
01800 deny ip from 10.0.0.0/8 to any via xl0
01900 deny ip from 172.16.0.0/12 to any via xl0
02000 deny ip from 192.168.0.0/16 to any via xl0
02100 deny ip from 0.0.0.0/8 to any via xl0
02200 deny ip from 169.254.0.0/16 to any via xl0
02300 deny ip from 192.0.2.0/24 to any via xl0
02400 deny ip from 224.0.0.0/4 to any via xl0
02500 deny ip from 240.0.0.0/4 to any via xl0
02600 allow ip from any to any frag
02700 allow tcp from any to any established
02800 allow tcp from any to 213.2.1.5 dst-port 25,110,113,143,993,995,80,443 setup
02900 allow tcp from 213.2.1.0/24 to 213.2.1.5 dst-port 22 setup
03000 allow tcp from any to 213.2.1.5 dst-port 1723 setup
03100 allow gre from any to any
03200 deny log tcp from any to 213.2.1.5 in via xl0 setup
03300 allow tcp from any to any out via xl0 setup
03400 allow log icmp from 213.2.1.0/24 to 213.2.1.5 icmptypes 8
03500 allow log icmp from 213.2.1.5 to any icmptypes 8
03600 allow log icmp from any to 213.2.1.5 icmptypes 0
03700 allow log icmp from 213.2.1.5 to 213.2.1.0/24 icmptypes 0
03800 allow log icmp from any to 213.2.1.5 icmptypes 4
03900 allow log icmp from 213.2.1.5 to any icmptypes 4
04000 allow log icmp from any to 213.2.1.5 icmptypes 3
04100 allow log icmp from 213.2.1.5 to any icmptypes 3
04200 allow log icmp from any to 213.2.1.5 icmptypes 11
04300 allow log icmp from 213.2.1.5 to 213.2.1.0/24 icmptypes 11
04400 allow log icmp from any to 213.2.1.5 icmptypes 12
04500 allow log icmp from 213.2.1.5 to 213.2.1.0/24 icmptypes 12
04600 allow log icmp from any to 10.1.0.0/16 icmptypes 0,3,4,11,12
04700 deny log icmp from any to any
04800 allow udp from 213.2.1.5 to any dst-port 53 out via xl0
04900 allow udp from any 53 to 213.2.1.5 in via xl0
05000 allow udp from any 53 to 10.1.0.0/16
05100 allow udp from any 53 to 192.168.1.0/24
05200 allow udp from any 123 to any dst-port 123
05300 allow udp from 2.2.1.0/24 to 2.2.1.5 dst-port 32769-65535 in via xl0
05400 allow udp from 2.2.1.5 to any out via xl0
05500 deny log udp from any to any
05600 deny log ip from any to any
65535 deny ip from any to any
mail#работает все!
но веб очеееень медленный!
c DNS всё нормально?
>c DNS всё нормально?с днс все отлично!
>работает все!
>но веб очеееень медленный!По трафшоу посмотрите загрузку канала.
И что за юзверские слова "веб очеееень медленный"???
Пинг, ttl, потерю пакетов, роутинг до хоста в студию
Это ко всем сайтам или только к определенным?
>
>>работает все!
>>но веб очеееень медленный!
>
>По трафшоу посмотрите загрузку канала.
>И что за юзверские слова "веб очеееень медленный"???
>Пинг, ttl, потерю пакетов, роутинг до хоста в студию
>Это ко всем сайтам или только к определенным?
при подключении через pptp на внешний интерфейсC:\Documents and Settings\root>ping www.ru -t
Pinging www.ru [194.87.0.50] with 32 bytes of data:
Reply from 194.87.0.50: bytes=32 time=33ms TTL=55
Reply from 194.87.0.50: bytes=32 time=10ms TTL=55
Reply from 194.87.0.50: bytes=32 time=11ms TTL=55
Reply from 194.87.0.50: bytes=32 time=11ms TTL=55
Reply from 194.87.0.50: bytes=32 time=10ms TTL=55
Reply from 194.87.0.50: bytes=32 time=10ms TTL=55
Reply from 194.87.0.50: bytes=32 time=185ms TTL=55
Reply from 194.87.0.50: bytes=32 time=10ms TTL=55
Reply from 194.87.0.50: bytes=32 time=10ms TTL=55
Reply from 194.87.0.50: bytes=32 time=23ms TTL=55Ping statistics for 194.87.0.50:
Packets: Sent = 10, Received = 10, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 185ms, Average = 31ms
Control-C
^C
C:\Documents and Settings\root>из внутренней сети
C:\Documents and Settings\Da_Vas>ping www.ru
Обмен пакетами с www.ru [194.87.0.50] по 32 байт:
Ответ от 194.87.0.50: число байт=32 время=9мс TTL=55
Ответ от 194.87.0.50: число байт=32 время=9мс TTL=55
Ответ от 194.87.0.50: число байт=32 время=9мс TTL=55
Ответ от 194.87.0.50: число байт=32 время=9мс TTL=55
Статистика Ping для 194.87.0.50:
Пакетов: отправлено = 4, получено = 4, потеряно = 0 (0% потерь),
Приблизительное время приема-передачи в мс:
Минимальное = 9мсек, Максимальное = 9 мсек, Среднее = 9 мсек
C:\Documents and Settings\Da_Vas>
С шлюза
%ping www.ru
PING www.ru (194.87.0.50): 56 data bytes
64 bytes from 194.87.0.50: icmp_seq=0 ttl=56 time=50.676 ms
64 bytes from 194.87.0.50: icmp_seq=1 ttl=56 time=50.604 ms
64 bytes from 194.87.0.50: icmp_seq=2 ttl=56 time=27.854 ms
64 bytes from 194.87.0.50: icmp_seq=3 ttl=56 time=8.482 ms
64 bytes from 194.87.0.50: icmp_seq=4 ttl=56 time=33.101 ms
64 bytes from 194.87.0.50: icmp_seq=5 ttl=56 time=13.299 ms
64 bytes from 194.87.0.50: icmp_seq=6 ttl=56 time=8.883 ms
^C
--- www.ru ping statistics ---
7 packets transmitted, 7 packets received, 0% packet loss
round-trip min/avg/max/stddev = 8.482/27.557/50.676/16.955 ms
%
загрузка сниматся по mrtg c шлюзовой cisco. загрузка выше 20k не поднимаешься
на все сайты.
при фтп, и др. закачках скорость устанавливается на положенных 15-16кбайт