Welcome to networking hell - ssh, samba, apache and the dreaded CLOSED_WAIT

[Joel V.]

First of all, I want to thank everyone in advance who decide to help me.
THANK YOU!

Now, here's some background info:

I have a P4 2.4 server with 512mb of RAM and 160GB hdd. There are two intel
NICs,  192.168.0.254 and 82.131.xxx.xx
The box is running FreeBSD 4.8 and it's behind a fast 5mbit line.

Services running on the server are gateway/NAT, DNS, default "open"
firewall, Samba (I think  2.2.8), Qmail + vpopmail, proftpd, apache 1.3.27 +
php, MySQL.

There are 7 computers with WinXP SP1 in the office and 2 computers with
Win2k SP4. Yesterday  I got a call from the office saying there are some
problems with getting and sending e-mail.
I go sit behind one WinXP machine, and I can't send/receive mail at all with
Outlook XP. All  transfers are timing out. I try to access Samba shares, and
I have to wait 1-2min before I  can see them. Now once I access them,
they're all fast for a short period of time, after a  while it goes slow
again. Then I try to see our homepage which is hosted at our server and
guess what - it takes 3-4min to load it.
But.. accessing other sites is fine. The internet in general is working like
a charm from  all machines!

Now here's the funny thing. Both Win2k machines can access the Samba shares
OK without any  lag (but our website still comes on slow).

I go to the server and shut down all services except for Samba. Voila! I can
access the  server shares again with (a bit worse than) usual 1-2 sec delay.

Now I open up e-mail account settings and notice that the incoming server is
192.168.0.254 -  I change that to mail.xxxxxx.ee (our mailserver) just to
test it and everything is OK again.  Now, when I launch apache, try to view
our site from within the LAN and send/receive e-mail,  I get timeouts again.
Shut down apache and it's working.

Now here's another thing I haven't mentioned. I can't also use ssh inside
our office. When I  enter the username when connecting to the server it just
times out without asking me for a  password (only ONCE did I see a password
prompt but it was too late, the timeout had already  occured). I have to
connect to another server I have running, and then connect from there.

ARP data seems to be OK, but netstat showed some odd states for some
connections when I was  trying to access our homepage - CLOSED_WAIT.

I've tried restarting the services, restarting the server, restarting the
switch and our  workstations - nothing. Inside our office it's networking
hell when Apache is running (and  ssh hell even when Apache is not running).
There is enough room on all partitions, I checked  all the logs and didn't
notice anything strange. When I connect from home, everything is working as
it should - ssh, e-mail, ftp, you name it. Did I mention I haven't changed
any  configuration settings for a long time and the server has been running
for 2 years almost without any problems?

I've shut down apache and moved our homepage to my friend's server, and
everything seems to  be working for now. But I have to get this thing fixed
and to be honest with, I have no more  ideas what to try. Here's where I
need your help. Thanks again.
I am not a member of the mailing list, so I would be very grateful if you
could send me a  response directly at joel at starman.ee - thanks!

- Joel