Packet filter plugin and delay

Openfire Plugins Packet Filter
1

Hi everybody,

I have an openfire 3.6.3 and packet filter 2.0.2.

I have problems with packet filter plugin.

When I put on the rules which have been configured, I have a delay when I send messages to other users.

Then when I restart my spark client, my contacts appear after many seconds and one by one really slowly.

I must use this plugin to only open the conference rooms to external users.

My users and groups are authenticated trough an ldap server.
I use the to authenticate my “external users” which are not on the same ldap branch than internal users.

We tried to upgrade the Java memory by setting : -Xms512M and -xmx1024M
We also tried to upgrade the “group” cache allocated memory to 1M, but i

We have about 60 internal users on the servers and 10 external users.

Rules run on the server :

Pass ExternalUsers Any MUC false
Drop ExternalUsers Any Any false

In addition, users can’t log on to the msn gataway when the rules are running.

Does anybody know What rules I have to put to do that ??

Does anybody have a solution ?

Thanks in advance

2

There is a hidden component that needs to communicate to all your other components, for example the msn gateway and conference component. Does “component.your-server.tld” have access to everything?

3

Hi @Coolcat ,

First thanks for your answer.

But I don’t understant what do you mean !

What can I do for test if “component.my-server.tld” have access to everything?

Thank you very much!

4

What can I do for test if “component.my-server.tld” have access to everything?
How do you have defined the test for “ExternalUsers”? If you just test for domain name “my-server.tld”, “component.my-server.tld” would be an external user. If you test for “*my-server.tld” (with wildcard * ) this would be an internal user. To be sure, you could add an additional rule which accepts, if one of the users is “component.my-server.tld”.

P.S. I’m not that familiar with PacketFilter since I’m using Raptor, traffic control plugin instead. However, Raptor is far more complex and would not help here…especially because it can not deal with MUC traffic yet.