From: "Massimo S." <ecs-isp@2rosenthals.com>
Received: from [192.168.100.201] (HELO mail.2rosenthals.com)
  by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10)
  with ESMTP id 10510009 for ecs-isp@2rosenthals.com; Wed, 07 Aug 2024 05:49:41 -0400
Received: from [192.168.200.201] (port=35934 helo=mail2.2rosenthals.com)
	by mail.2rosenthals.com with esmtp (Exim 4.97.1)
	(envelope-from <ml@ecomstation.it>)
	id 1sbdIR-000000005oz-0J6Z
	for ecs-isp@2rosenthals.com;
	Wed, 07 Aug 2024 05:49:31 -0400
Received: from mail2.quasarbbs.net ([80.86.52.115]:10062)
	by mail2.2rosenthals.com with esmtp (Exim 4.97.1)
	(envelope-from <ml@ecomstation.it>)
	id 1sbdIN-0000000057p-1Jtg
	for ecs-isp@2rosenthals.com;
	Wed, 07 Aug 2024 05:49:28 -0400
X-SASI-Hits: BODYTEXTP_SIZE_3000_LESS 0.000000, BODY_SIZE_2000_2999 0.000000,
	BODY_SIZE_5000_LESS 0.000000, BODY_SIZE_7000_LESS 0.000000,
	CTE_7BIT 0.000000, HTML_00_01 0.050000, HTML_00_10 0.050000,
	IN_REP_TO 0.000000, LEGITIMATE_SIGNS 0.000000,
	MSGID_SAMEAS_FROM_HEX_844412 0.100000, MSG_THREAD 0.000000,
	NO_CTA_URI_FOUND 0.000000, NO_URI_FOUND 0.000000, NO_URI_HTTPS 0.000000,
	REFERENCES 0.000000, REPLYTO_SAMEAS_FROM 0.000000, SENDER_NO_AUTH 0.000000,
	SUSP_DH_NEG 0.000000, TO_IN_SUBJECT 0.500000, USER_AGENT 0.000000,
	__BODY_NO_MAILTO 0.000000, __BOUNCE_CHALLENGE_SUBJ 0.000000,
	__BOUNCE_NDR_SUBJ_EXEMPT 0.000000, __CT 0.000000, __CTE 0.000000,
	__CT_TEXT_PLAIN 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000,
	__DQ_NEG_IP 0.000000, __FORWARDED_MSG 0.000000,
	__FROM_DOMAIN_NOT_IN_BODY 0.000000, __FROM_NAME_NOT_IN_ADDR 0.000000,
	__FROM_NAME_NOT_IN_BODY 0.000000, __FUR_HEADER 0.000000, __HAS_FROM 0.000000,
	__HAS_MSGID 0.000000, __HAS_REFERENCES 0.000000, __HAS_REPLYTO 0.000000,
	__HEADER_ORDER_FROM 0.000000, __IN_REP_TO 0.000000, __MAIL_CHAIN 0.000000,
	__MIME_BOUND_CHARSET 0.000000, __MIME_TEXT_ONLY 0.000000,
	__MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000, __MIME_VERSION 0.000000,
	__MOZILLA_USER_AGENT 0.000000, __MSGID_HEX_844412 0.000000,
	__NO_HTML_TAG_RAW 0.000000, __REFERENCES 0.000000,
	__REPLYTO_SAMEAS_FROM_ACC 0.000000, __REPLYTO_SAMEAS_FROM_ADDY 0.000000,
	__REPLYTO_SAMEAS_FROM_DOMAIN 0.000000, __SANE_MSGID 0.000000,
	__SCAN_D_NEG 0.000000, __SCAN_D_NEG2 0.000000, __SCAN_D_NEG_HEUR 0.000000,
	__SCAN_D_NEG_HEUR2 0.000000, __SUBJ_ALPHA_END 0.000000,
	__SUBJ_ALPHA_NEGATE 0.000000, __SUBJ_REPLY 0.000000,
	__TO_IN_SUBJECT 0.000000, __TO_MALFORMED_2 0.000000, __TO_NAME 0.000000,
	__TO_NAME_DIFF_FROM_ACC 0.000000, __TO_REAL_NAMES 0.000000,
	__URI_NO_MAILTO 0.000000, __USER_AGENT 0.000000
X-SASI-Probability: 10%
X-SASI-RCODE: 200
X-SASI-Version: Antispam-Engine: 5.1.4, AntispamData: 2024.8.7.91220
X-SASI-Hits: BODYTEXTP_SIZE_3000_LESS 0.000000, BODY_SIZE_2000_2999 0.000000,
	BODY_SIZE_5000_LESS 0.000000, BODY_SIZE_7000_LESS 0.000000,
	CTE_7BIT 0.000000, HTML_00_01 0.050000, HTML_00_10 0.050000,
	IN_REP_TO 0.000000, LEGITIMATE_SIGNS 0.000000,
	MSGID_SAMEAS_FROM_HEX_844412 0.100000, MSG_THREAD 0.000000,
	NO_CTA_URI_FOUND 0.000000, NO_URI_FOUND 0.000000, NO_URI_HTTPS 0.000000,
	REFERENCES 0.000000, REPLYTO_SAMEAS_FROM 0.000000, SUSP_DH_NEG 0.000000,
	TO_IN_SUBJECT 0.500000, USER_AGENT 0.000000, __AUTH_RES_PASS 0.000000,
	__BODY_NO_MAILTO 0.000000, __BOUNCE_CHALLENGE_SUBJ 0.000000,
	__BOUNCE_NDR_SUBJ_EXEMPT 0.000000, __CT 0.000000, __CTE 0.000000,
	__CT_TEXT_PLAIN 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000,
	__DQ_NEG_IP 0.000000, __FORWARDED_MSG 0.000000,
	__FROM_DOMAIN_NOT_IN_BODY 0.000000, __FROM_NAME_NOT_IN_ADDR 0.000000,
	__FROM_NAME_NOT_IN_BODY 0.000000, __FUR_HEADER 0.000000, __HAS_FROM 0.000000,
	__HAS_MSGID 0.000000, __HAS_REFERENCES 0.000000, __HAS_REPLYTO 0.000000,
	__HEADER_ORDER_FROM 0.000000, __IN_REP_TO 0.000000, __MAIL_CHAIN 0.000000,
	__MIME_BOUND_CHARSET 0.000000, __MIME_TEXT_ONLY 0.000000,
	__MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000, __MIME_VERSION 0.000000,
	__MOZILLA_USER_AGENT 0.000000, __MSGID_HEX_844412 0.000000,
	__NO_HTML_TAG_RAW 0.000000, __REFERENCES 0.000000,
	__REPLYTO_SAMEAS_FROM_ACC 0.000000, __REPLYTO_SAMEAS_FROM_ADDY 0.000000,
	__REPLYTO_SAMEAS_FROM_DOMAIN 0.000000, __SANE_MSGID 0.000000,
	__SCAN_D_NEG 0.000000, __SCAN_D_NEG2 0.000000, __SCAN_D_NEG_HEUR 0.000000,
	__SCAN_D_NEG_HEUR2 0.000000, __SUBJ_ALPHA_END 0.000000,
	__SUBJ_ALPHA_NEGATE 0.000000, __SUBJ_REPLY 0.000000,
	__TO_IN_SUBJECT 0.000000, __TO_MALFORMED_2 0.000000, __TO_NAME 0.000000,
	__TO_NAME_DIFF_FROM_ACC 0.000000, __TO_REAL_NAMES 0.000000,
	__URI_NO_MAILTO 0.000000, __USER_AGENT 0.000000
X-SASI-Probability: 10%
X-SASI-RCODE: 200
X-SASI-Version: Antispam-Engine: 5.1.4, AntispamData: 2024.8.7.91220
Received: from [192.168.10.199] (dtp [192.168.10.199]) by srv2 (Weasel v2.9-0001
 ) for <ecs-isp@2rosenthals.com>; Wed, 07 Aug 2024 11:36:40 -0000
Reply-To: ml@ecomstation.it
Subject: Re: [eCS-ISP] help about an Injoy FW rule
To: eCS ISP Mailing List <ecs-isp@2rosenthals.com>
References: <list-10110575@2rosenthals.com> <list-10470156@2rosenthals.com>
Organization: Massimo S.
Message-ID: <20affc98-d6dc-6762-3a19-2be9e7fd3c1d@ecomstation.it>
Date: Wed, 7 Aug 2024 11:49:21 +0200
User-Agent: Mozilla/5.0 (OS/2; U; Warp 4.5; it-IT; rv:1.7.13) Gecko/20060424
 Thunderbird/1.0.8 Mnenhy/0.7.4.0
MIME-Version: 1.0
In-Reply-To: <list-10470156@2rosenthals.com>
Content-Type: text/plain; charset=iso-8859-15; format=flowed
Content-Language: it-IT
Content-Transfer-Encoding: 7bit

Il 03/08/2024 11:54, Massimo S. ha scritto:
> 
> But i still have to test download datarates by clients inside the firewall.
> 
> massimo

it seems to me that there are no improvements, but i could be wrong..

using router as GW of my internet connection i get with speedtest (Ookla):

51 Megabit/sec download and 17Megabit/sec upload

using the VM with Injoy FW 4.2.3 i see:

27 Megabit/sec download and 5Megabit/sec upload

i'd say terrible expecially the upload bandwidth,
but i don't know if this is due to the /2 ip stack settings:


#Inetcfg:	CURRENT	DEFAULT	MINIMUM	MAXIMUM

keepalive	30	7800	0	7800	KeepAlive (sec)
tcpswinsize	64240	32768	1024	246723	TCP SendWindow Size
tcprwinsize	64240	32768	1024	246723	TCP RecvWindow Size
udpswinsize	9216	9216	1024	246723	UDP SendWindow Size
udprwinsize	41600	41600	1024	246723	UDP RecvWindow Size
lingertime	120	120	0	65535	Linger Time (sec)
probecnt	8	8	1	8	Number Of KeepAlive Probes
ipforward	1	0	0	1	IP Forwarding flag ON/OFF
mtudiscover	0	1	0	1	TCP Path MTU Discovery ON/OFF
arpkillc	1200	1200	180	15300	ARP Complete TimeOut (sec)
arpkilli	180	180	60	1200	ARP InComplete TimeOut (sec)
lipcstswinsize	10240	10240	1024	246723	LIPC Stream SendWindow Size
lipcstrwinsize	10240	10240	1024	246723	LIPC Stream RecvWindow Size
lipcdgswinsize	2048	2048	1024	246723	LIPC Dgram SendWindow Size
lipcdgrwinsize	4096	4096	1024	246723	LIPC Dgram RecvWindow Size
synattack	1	0	0	1	SYN Attack Flag ON/OFF
syncookie	0	0	0	1	SYN Cookie Flag ON/OFF
firewall	0	0	0	1	FIREWALL ON/OFF
multidefrt	0	1	0	1	Multiple Default Routes ON/OFF
winscale	1	1	0	1	TCP Window Scale ON/OFF
timestmp	1	0	0	1	TCP TimeStamps ON/OFF
realslow	20	20	1	100	TCP TW Q Slow Timeout ticks
perfhttp	1	1	0	1	Fast Path HTTP ON/OFF
tcpttl		64	64	1	255	TCP  TTL (hops)
udpttl		64	64	1	255	UDP  TTL (hops)
icmpttl		64	64	1	255	ICMP TTL (hops)
fragttl		60	60	1	255	Fragment TTL (sec)
reusetw		0	1	0	1	Reuse Time Wait ON/OFF
msl		30	30	1	16384	TCP MaxSegLifeTime (sec)
cc		0	0	0	1	TTCP function ON/OFF
sack		0	0	0	1	Selective ACK ON/OFF


massimo