Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Technical

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 4th May 2008, 17:31
snewp snewp is offline
Junior Member
 
Join Date: Apr 2008
Posts: 12
Thanks: 0
Thanked 0 Times in 0 Posts
Default

disabled mod_security but still no go.
Reply With Quote
Sponsored Links
  #12  
Old 5th May 2008, 18:31
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

Are you using a firewall? What's the output of
Code:
iptables -L
?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #13  
Old 5th May 2008, 19:55
snewp snewp is offline
Junior Member
 
Join Date: Apr 2008
Posts: 12
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT 0 -- anywhere anywhere
ACCEPT 0 -- anywhere anywhere state ESTABLISHED
ACCEPT tcp -- anywhere anywhere state RELATED tcp dpts:1024:65535
ACCEPT udp -- anywhere anywhere state RELATED udp dpts:1024:65535
ACCEPT icmp -- anywhere anywhere state RELATED
HOST_BLOCK 0 -- anywhere anywhere
SPOOF_CHK 0 -- anywhere anywhere
LOG tcp -- anywhere anywhere tcp dpt:www state NEW limit: avg 3/min burst 15 LOG level info prefix `TCP INPUT log: '
LOG tcp -- anywhere anywhere tcp dpt:auth state NEW limit: avg 3/min burst 15 LOG level info prefix `TCP INPUT log: '
LOG tcp -- anywhere anywhere tcp dpt:4545 state NEW limit: avg 3/min burst 15 LOG level info prefix `TCP INPUT log: '
LOG tcp -- anywhere anywhere tcp dpt:https state NEW limit: avg 3/min burst 15 LOG level info prefix `TCP INPUT log: '
LOG tcp -- anywhere anywhere tcp dpts:12000:24444 state NEW limit: avg 3/min burst 15 LOG level info prefix `TCP INPUT log: '
VALID_CHK 0 -- anywhere anywhere
EXT_INPUT_CHAIN !icmp -- anywhere anywhere state NEW
EXT_INPUT_CHAIN icmp -- anywhere anywhere state NEW limit: avg 20/sec burst 100
EXT_ICMP_CHAIN icmp -- anywhere anywhere state NEW
LOG 0 -- anywhere anywhere limit: avg 1/sec burst 5 LOG level info prefix `Dropped INPUT packet: '
DROP 0 -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT 0 -- anywhere anywhere
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
ACCEPT 0 -- anywhere anywhere state ESTABLISHED
ACCEPT tcp -- anywhere anywhere state RELATED tcp dpts:1024:65535
ACCEPT udp -- anywhere anywhere state RELATED udp dpts:1024:65535
ACCEPT icmp -- anywhere anywhere state RELATED
HOST_BLOCK 0 -- anywhere anywhere
SPOOF_CHK 0 -- anywhere anywhere
VALID_CHK 0 -- anywhere anywhere
LOG 0 -- anywhere anywhere limit: avg 1/min burst 3 LOG level info prefix `Dropped FORWARD packet: '
DROP 0 -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
ACCEPT 0 -- anywhere anywhere state ESTABLISHED
LOG 0 -f anywhere anywhere limit: avg 3/min burst 5 LOG level info prefix `FRAGMENTED PACKET (OUT): '
DROP 0 -f anywhere anywhere
EXT_OUTPUT_CHAIN 0 -- anywhere anywhere

Chain EXT_ICMP_CHAIN (1 references)
target prot opt source destination
LOG icmp -- anywhere anywhere icmp echo-request limit: avg 12/hour burst 1 LOG level info prefix `ICMP-request(ping) flood: '
LOG icmp -- anywhere anywhere icmp destination-unreachable limit: avg 12/hour burst 1 LOG level info prefix `ICMP-unreachable flood: '
LOG icmp -- anywhere anywhere icmp source-quench limit: avg 12/hour burst 1 LOG level info prefix `ICMP-source-quench flood: '
LOG icmp -- anywhere anywhere icmp time-exceeded limit: avg 12/hour burst 1 LOG level info prefix `ICMP-time-exceeded flood: '
LOG icmp -- anywhere anywhere icmp parameter-problem limit: avg 12/hour burst 1 LOG level info prefix `ICMP-param.-problem flood: '
DROP icmp -- anywhere anywhere icmp echo-request
DROP icmp -- anywhere anywhere icmp destination-unreachable
DROP icmp -- anywhere anywhere icmp source-quench
DROP icmp -- anywhere anywhere icmp time-exceeded
DROP icmp -- anywhere anywhere icmp parameter-problem
LOG icmp -- anywhere anywhere limit: avg 12/hour burst 1 LOG level info prefix `ICMP(other) flood: '
DROP icmp -- anywhere anywhere

Chain EXT_INPUT_CHAIN (2 references)
target prot opt source destination
LOG tcp -- anywhere anywhere tcp dpt:0 limit: avg 6/hour burst 1 LOG level info prefix `TCP port 0 OS fingerprint: '
LOG udp -- anywhere anywhere udp dpt:0 limit: avg 6/hour burst 1 LOG level info prefix `UDP port 0 OS fingerprint: '
DROP tcp -- anywhere anywhere tcp dpt:0
DROP udp -- anywhere anywhere udp dpt:0
LOG tcp -- anywhere anywhere tcp spt:0 limit: avg 6/hour burst 5 LOG level info prefix `TCP source port 0: '
LOG udp -- anywhere anywhere udp spt:0 limit: avg 6/hour burst 5 LOG level info prefix `UDP source port 0: '
DROP tcp -- anywhere anywhere tcp spt:0
DROP udp -- anywhere anywhere udp spt:0
ACCEPT tcp -- anywhere anywhere tcp dpt:www
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:auth
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:4545
ACCEPT tcp -- anywhere anywhere tcp dpts:12000:24444
LOG icmp -- anywhere anywhere icmp echo-request limit: avg 3/min burst 1 LOG level info prefix `ICMP-request: '
LOG icmp -- anywhere anywhere icmp destination-unreachable limit: avg 12/hour burst 1 LOG level info prefix `ICMP-unreachable: '
LOG icmp -- anywhere anywhere icmp source-quench limit: avg 12/hour burst 1 LOG level info prefix `ICMP-source-quench: '
LOG icmp -- anywhere anywhere icmp time-exceeded limit: avg 12/hour burst 1 LOG level info prefix `ICMP-time-exceeded: '
LOG icmp -- anywhere anywhere icmp parameter-problem limit: avg 12/hour burst 1 LOG level info prefix `ICMP-param.-problem: '
LOG tcp -- anywhere anywhere tcp dpts:1024:65535 flags:!FIN,SYN,RST,ACK/SYN limit: avg 3/min burst 5 LOG level info prefix `Stealth scan (UNPRIV)?: '
LOG tcp -- anywhere anywhere tcp dpts:0:1023 flags:!FIN,SYN,RST,ACK/SYN limit: avg 3/min burst 5 LOG level info prefix `Stealth scan (PRIV)?: '
DROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpts:0:1023 limit: avg 6/min burst 2 LOG level info prefix `Connection attempt (PRIV): '
LOG udp -- anywhere anywhere udp dpts:0:1023 limit: avg 6/min burst 2 LOG level info prefix `Connection attempt (PRIV): '
LOG tcp -- anywhere anywhere tcp dpts:1024:65535 limit: avg 6/min burst 2 LOG level info prefix `Connection attempt (UNPRIV): '
LOG udp -- anywhere anywhere udp dpts:1024:65535 limit: avg 6/min burst 2 LOG level info prefix `Connection attempt (UNPRIV): '
DROP tcp -- anywhere anywhere
DROP udp -- anywhere anywhere
DROP icmp -- anywhere anywhere
LOG 0 -- anywhere anywhere limit: avg 1/min burst 5 LOG level info prefix `Other-IP connection attempt: '
DROP 0 -- anywhere anywhere

Chain EXT_OUTPUT_CHAIN (1 references)
target prot opt source destination

Chain HOST_BLOCK (2 references)
target prot opt source destination

Chain MAC_FILTER (0 references)
target prot opt source destination

Chain RESERVED_NET_CHK (0 references)
target prot opt source destination
LOG 0 -- 10.0.0.0/8 anywhere limit: avg 1/min burst 1 LOG level info prefix `Class A address: '
LOG 0 -- 172.16.0.0/12 anywhere limit: avg 1/min burst 1 LOG level info prefix `Class B address: '
LOG 0 -- 192.168.0.0/16 anywhere limit: avg 1/min burst 1 LOG level info prefix `Class C address: '
LOG 0 -- link-local/16 anywhere limit: avg 1/min burst 1 LOG level info prefix `Class M$ address: '
DROP 0 -- 10.0.0.0/8 anywhere
DROP 0 -- 172.16.0.0/12 anywhere
DROP 0 -- 192.168.0.0/16 anywhere
DROP 0 -- link-local/16 anywhere

Chain SPOOF_CHK (2 references)
target prot opt source destination
RETURN 0 -- anywhere anywhere

Chain VALID_CHK (2 references)
target prot opt source destination
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG limit: avg 3/min burst 5 LOG level info prefix `Stealth XMAS scan: '
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,ACK,URG limit: avg 3/min burst 5 LOG level info prefix `Stealth XMAS-PSH scan: '
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG limit: avg 3/min burst 5 LOG level info prefix `Stealth XMAS-ALL scan: '
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN limit: avg 3/min burst 5 LOG level info prefix `Stealth FIN scan: '
LOG tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST limit: avg 3/min burst 5 LOG level info prefix `Stealth SYN/RST scan: '
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN limit: avg 3/min burst 5 LOG level info prefix `Stealth SYN/FIN scan(?): '
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE limit: avg 3/min burst 5 LOG level info prefix `Stealth Null scan: '
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,ACK,URG
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN
DROP tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
LOG tcp -- anywhere anywhere tcp option=64 limit: avg 3/min burst 1 LOG level info prefix `Bad TCP flag(64): '
LOG tcp -- anywhere anywhere tcp option=128 limit: avg 3/min burst 1 LOG level info prefix `Bad TCP flag(128): '
DROP tcp -- anywhere anywhere tcp option=64
DROP tcp -- anywhere anywhere tcp option=128
DROP 0 -- anywhere anywhere state INVALID
LOG 0 -f anywhere anywhere limit: avg 3/min burst 1 LOG level warning prefix `Fragmented packet: '
DROP 0 -f anywhere anywhere

Chain allow-www-traffic-in (0 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere limit: avg 1/sec burst 5 tcp dpt:www flags:FIN,SYN,RST,PSH,ACK,URG/FIN
ACCEPT tcp -- anywhere anywhere limit: avg 1/sec burst 5 tcp dpt:www flags:FIN,SYN,RST,PSH,ACK,URG/SYN
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp dpt:webcache
Reply With Quote
  #14  
Old 6th May 2008, 15:59
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

Ok, does the download speed change when you disable the firewall?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #15  
Old 9th May 2008, 05:25
snewp snewp is offline
Junior Member
 
Join Date: Apr 2008
Posts: 12
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

it didnt change. when it was a fresh install with no firewall, no security the speed is still the same (slow). so i think it's gotta be with my onboard NiC.

I just finished the reinstall and use another NIC, the speed is ok now.

thanks for your help falko. i appreciate it.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
sending e-mail using mail() function linuxuser1 HOWTO-Related Questions 38 21st April 2009 12:20
User constantly loggin into mail? bswinnerton Installation/Configuration 2 24th March 2008 00:12
Please help for slow server problem alex916 Installation/Configuration 14 9th February 2007 17:11
Mail download problem 11oki General 1 4th September 2006 11:35
FTP very slow in LAN, "fast" from WAN-> Firewall problem? Pasco Server Operation 6 7th March 2006 15:17


All times are GMT +2. The time now is 05:43.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.