Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 29th June 2006, 22:38
edge edge is offline
Moderator
 
Join Date: Dec 2005
Location: The Netherlands
Posts: 2,034
Thanks: 264
Thanked 151 Times in 131 Posts
Default IPtables slowing down my SSH login!?

I'm at the moment doing some testing with IPtables on a test server running Debian Sarge 3.1

For some reason when I add IPtables the login for my SSH gets really slow!
After entering the login name, it takes about 5 to 10 seconds for the password question!

The strange thing is that when I flush the iptables, login is like normal again (fast)

I do not mind waiting 10 seconds, but what I do not know is if this is the only thing beeing slower...

This is what I'm using as IPtables: (I'm using SSH on the 10.0.0.247 IP)

Quote:
-A INPUT -d 127.0.0.1 -s 127.0.0.1 -j ACCEPT

-A INPUT -d 10.0.0.244 -p icmp -j ACCEPT
-A INPUT -d 10.0.0.245 -p icmp -j ACCEPT
-A INPUT -d 10.0.0.246 -p icmp -j ACCEPT
-A INPUT -d 10.0.0.247 -p icmp -j ACCEPT

-A INPUT -d 10.0.0.244 -p tcp --dport 80 -j ACCEPT
-A INPUT -d 10.0.0.244 -p tcp --dport 81 -j ACCEPT
-A INPUT -d 10.0.0.244 -p tcp --dport 443 -j ACCEPT
-A INPUT -d 10.0.0.244 -p tcp --dport 8080 -j ACCEPT
-A INPUT -d 10.0.0.244 -p tcp --dport 10000 -j ACCEPT

-A INPUT -d 10.0.0.245 -p tcp --dport 25 -j ACCEPT
-A INPUT -d 10.0.0.245 -p tcp --dport 53 -j ACCEPT
-A INPUT -d 10.0.0.245 -p udp --dport 53 -j ACCEPT

-A INPUT -d 10.0.0.246 -p tcp --dport 53 -j ACCEPT
-A INPUT -d 10.0.0.246 -p udp --dport 53 -j ACCEPT
-A INPUT -d 10.0.0.246 -p tcp --dport 110 -j ACCEPT

-A INPUT -d 10.0.0.247 -p tcp --dport 22 -j ACCEPT
-A INPUT -d 10.0.0.247 -p tcp --dport 20:21 -j ACCEPT
-A INPUT -d 10.0.0.247 -p tcp --dport 30000:50050 -j ACCEPT

-A INPUT -d 10.0.0.244 -j REJECT
-A INPUT -d 10.0.0.245 -j REJECT
-A INPUT -d 10.0.0.246 -j REJECT
-A INPUT -d 10.0.0.247 -j REJECT

-A INPUT -j REJECT
-A FORWARD -j REJECT
Reply With Quote
Sponsored Links
 

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
The Perfect Xen 3.0 Setup For Debian | IPTABLES rocket30 HOWTO-Related Questions 7 25th July 2006 14:18
Problem with POP3 Login masterkain Installation/Configuration 6 15th January 2006 18:11
authdaemon LOGIN: REJECT dgradzik Tips/Tricks/Mods 2 22nd September 2005 00:09
authdaemon LOGIN: REJECT dgradzik Installation/Configuration 2 21st September 2005 18:03
Total Frustration-HELP palkat Installation/Configuration 17 3rd September 2005 17:28


All times are GMT +2. The time now is 17:52.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.