[Wolves] port weirdness...

[Don Cockman]

Hi,

Anyone else sad enough to use virgin.net? via dialup??

I've been having very strange things occurring :-)

Ever since the 24x7 dialup number changed for virgin.net (also around the 
time of the Mblast malarky...) I've had intermittent problems connecting 
to sites... google, bbc, slashdot etc as well as lesser known ones..

This was extremely bad last weekend, so much so I wasn't able to do any 
'work' for the best part of 2 days. Through the week, it's been reasonably 
OK, but now it's pants again :-(

Looking through the logs on the firewall I'm seeing *lots* of DENY 
messages relating to port 65535 eg.

Aug 30 22:24:45 aotea kernel: Packet log: denylog DENY ppp0 PROTO=6 
128.121.215.234:65535 xx.xxx.xxx.xxx:65535 L=692 S=0x00 I=36173 
F=0x0065 T=48 (#1)

The IP address tallies with the sites I'm having problems getting to, in 
this case spaceweather.com.

Once the problem has become apparent, the browser window just sits there 
saying 'connecting....' before eventually timing out.. During this time 
the DENY message is endlessly repeating.

Of course, this doesn't happen *all* the time - That would be far too 
easy!

Emails to their 'support' people obviously get delivered straight to 
/dev/null after being caught by their 'problem not related to micro$oft' 
procmail filter.. Connecting to another ISP (temporarily freeserve) shows 
that everything works ticketyboo for hours at a time so it's not a problem 
with my equipment (so to speak) which is a mitel (e-smith) jobby, fully 
patched, virus and rootkit checked with the only machine connected to the 
network being my Mandrake9.1 jobby, again all patched & checked...

Just wondering if anyone else has had similar weirdnesseses like.

Cheers,

Don