I'm at the moment doing some testing with IPtables on a test server running Debian Sarge 3.1
For some reason when I add IPtables the login for my SSH gets really slow!
After entering the login name, it takes about 5 to 10 seconds for the password question!
The strange thing is that when I flush the iptables, login is like normal again (fast)
I do not mind waiting 10 seconds, but what I do not know is if this is the only thing beeing slower...
This is what I'm using as IPtables: (I'm using SSH on the 10.0.0.247 IP)
Quote:
-A INPUT -d 127.0.0.1 -s 127.0.0.1 -j ACCEPT
-A INPUT -d 10.0.0.244 -p icmp -j ACCEPT
-A INPUT -d 10.0.0.245 -p icmp -j ACCEPT
-A INPUT -d 10.0.0.246 -p icmp -j ACCEPT
-A INPUT -d 10.0.0.247 -p icmp -j ACCEPT
-A INPUT -d 10.0.0.244 -p tcp --dport 80 -j ACCEPT
-A INPUT -d 10.0.0.244 -p tcp --dport 81 -j ACCEPT
-A INPUT -d 10.0.0.244 -p tcp --dport 443 -j ACCEPT
-A INPUT -d 10.0.0.244 -p tcp --dport 8080 -j ACCEPT
-A INPUT -d 10.0.0.244 -p tcp --dport 10000 -j ACCEPT
-A INPUT -d 10.0.0.245 -p tcp --dport 25 -j ACCEPT
-A INPUT -d 10.0.0.245 -p tcp --dport 53 -j ACCEPT
-A INPUT -d 10.0.0.245 -p udp --dport 53 -j ACCEPT
-A INPUT -d 10.0.0.246 -p tcp --dport 53 -j ACCEPT
-A INPUT -d 10.0.0.246 -p udp --dport 53 -j ACCEPT
-A INPUT -d 10.0.0.246 -p tcp --dport 110 -j ACCEPT
-A INPUT -d 10.0.0.247 -p tcp --dport 22 -j ACCEPT
-A INPUT -d 10.0.0.247 -p tcp --dport 20:21 -j ACCEPT
-A INPUT -d 10.0.0.247 -p tcp --dport 30000:50050 -j ACCEPT
-A INPUT -d 10.0.0.244 -j REJECT
-A INPUT -d 10.0.0.245 -j REJECT
-A INPUT -d 10.0.0.246 -j REJECT
-A INPUT -d 10.0.0.247 -j REJECT
-A INPUT -j REJECT
-A FORWARD -j REJECT
|