Iptables on Ubuntu throws a wobbley - Ubuntu

This is a discussion on Iptables on Ubuntu throws a wobbley - Ubuntu ; I have noticed a couple of strange problems with my Ubuntu 7.04 installation. Its been working fine, until recently, where its Internet access has slowed down quite considerably. The other Windows PC is fine. I think that this happened after ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Iptables on Ubuntu throws a wobbley

  1. Iptables on Ubuntu throws a wobbley

    I have noticed a couple of strange problems with my Ubuntu 7.04
    installation. Its been working fine, until recently, where its Internet
    access has slowed down quite considerably. The other Windows PC is fine.

    I think that this happened after I set up my PC as a router for my ipaq
    and installed dnsmasq. I made some changes to the firewall to allow nat
    and routing.

    However, if I deactivate iptables strange results are give:

    Current iptables config:

    c# iptables -L
    Chain INPUT (policy DROP)
    target prot opt source destination
    ACCEPT 0 -- anywhere anywhere
    ACCEPT 0 -- anywhere anywhere state
    RELATED,ESTABLISHED
    ACCEPT tcp -- anywhere anywhere multiport
    dports ssh state NEW
    LOG 0 -- anywhere anywhere limit: avg
    10/min burst 10 LOG level warning prefix `INPUT DROP:'
    DROP 0 -- anywhere anywhere

    Chain FORWARD (policy DROP)
    target prot opt source destination

    Chain OUTPUT (policy DROP)
    target prot opt source destination
    ACCEPT 0 -- anywhere anywhere
    ACCEPT 0 -- anywhere anywhere state NEW
    ACCEPT 0 -- anywhere anywhere state
    RELATED,ESTABLISHED
    LOG 0 -- anywhere anywhere LOG level
    warning prefix `OUTPUT DROP:'
    DROP 0 -- anywhere anywhere


    # ping 10.90.90.1
    PING 10.90.90.1 (10.90.90.1) 56(84) bytes of data.
    64 bytes from 10.90.90.1: icmp_seq=1 ttl=255 time=0.467 ms
    64 bytes from 10.90.90.1: icmp_seq=2 ttl=255 time=0.450 ms

    All fine. Next, remove iptables:
    # iptables -F
    # iptables -L
    Chain INPUT (policy DROP)
    target prot opt source destination

    Chain FORWARD (policy DROP)
    target prot opt source destination

    Chain OUTPUT (policy DROP)
    target prot opt source destination
    # ping 10.90.90.1
    PING 10.90.90.1 (10.90.90.1) 56(84) bytes of data.
    ping: sendmsg: Operation not permitted
    ping: sendmsg: Operation not permitted
    ping: sendmsg: Operation not permitted

    --- 10.90.90.1 ping statistics ---
    3 packets transmitted, 0 received, 100% packet loss, time 2009ms

    So, why, when I remove iptables, does it block everything?

    On top of this, I cannot change it because the changes won't persist
    after a reboot. I cannot find the start up script in /etc/rc?.d nor
    /etc/init.d. :^^


  2. Re: Iptables on Ubuntu throws a wobbley

    I found the problem:

    apt-get remove bmon.

    Yes, bmon was the culprit!

    It slowed the connection down really well.

    I shall read more about this.

  3. Re: Iptables on Ubuntu throws a wobbley

    No. I was too hasty and was pinging the default gateway, instead of an
    external host. Of course it was quick.

    Back to the drawing board

  4. Re: Iptables on Ubuntu throws a wobbley

    On Thu, 31 Jan 2008 21:12:21 +0100, zii kell wrote:

    > I have noticed a couple of strange problems with my Ubuntu 7.04
    > installation. Its been working fine, until recently, where its Internet
    > access has slowed down quite considerably. The other Windows PC is fine.
    >
    > I think that this happened after I set up my PC as a router for my ipaq
    > and installed dnsmasq. I made some changes to the firewall to allow nat
    > and routing.
    >
    > However, if I deactivate iptables strange results are give:
    >
    > Current iptables config:
    >
    > c# iptables -L
    > Chain INPUT (policy DROP)
    > target prot opt source destination
    > ACCEPT 0 -- anywhere anywhere
    > ACCEPT 0 -- anywhere anywhere state
    > RELATED,ESTABLISHED
    > ACCEPT tcp -- anywhere anywhere multiport
    > dports ssh state NEW
    > LOG 0 -- anywhere anywhere limit: avg
    > 10/min burst 10 LOG level warning prefix `INPUT DROP:'
    > DROP 0 -- anywhere anywhere
    >
    > Chain FORWARD (policy DROP)
    > target prot opt source destination
    >
    > Chain OUTPUT (policy DROP)
    > target prot opt source destination
    > ACCEPT 0 -- anywhere anywhere
    > ACCEPT 0 -- anywhere anywhere state NEW
    > ACCEPT 0 -- anywhere anywhere state
    > RELATED,ESTABLISHED
    > LOG 0 -- anywhere anywhere LOG level
    > warning prefix `OUTPUT DROP:'
    > DROP 0 -- anywhere anywhere
    >
    >
    > # ping 10.90.90.1
    > PING 10.90.90.1 (10.90.90.1) 56(84) bytes of data.
    > 64 bytes from 10.90.90.1: icmp_seq=1 ttl=255 time=0.467 ms
    > 64 bytes from 10.90.90.1: icmp_seq=2 ttl=255 time=0.450 ms
    >
    > All fine. Next, remove iptables:
    > # iptables -F
    > # iptables -L
    > Chain INPUT (policy DROP)
    > target prot opt source destination
    >
    > Chain FORWARD (policy DROP)
    > target prot opt source destination
    >
    > Chain OUTPUT (policy DROP)
    > target prot opt source destination
    > # ping 10.90.90.1
    > PING 10.90.90.1 (10.90.90.1) 56(84) bytes of data.
    > ping: sendmsg: Operation not permitted
    > ping: sendmsg: Operation not permitted
    > ping: sendmsg: Operation not permitted
    >
    > --- 10.90.90.1 ping statistics ---
    > 3 packets transmitted, 0 received, 100% packet loss, time 2009ms
    >
    > So, why, when I remove iptables, does it block everything?
    >
    > On top of this, I cannot change it because the changes won't persist
    > after a reboot. I cannot find the start up script in /etc/rc?.d nor
    > /etc/init.d. :^^


    Here's a good iptables read:





+ Reply to Thread