Well, after addiing "$IPTABLES -a INPUT -i $lo -j ACCEPT" and rebooting, speed have not improved... By the way, if I manually start the script (not via /etc/init.d/boot.local) things are performing at normal speed.... :-S (confused smiley) Cheers Knut Erik -----Original Message----- From: Mark Perry [mailto:PERRY@de.ibm.com] Sent: Friday, July 25, 2003 1:20 PM To: Knut Erik Hauslo Cc: suse-security@suse.com Subject: RE: [suse-security] IPTABLES Command slows down the machine I don't see any allowance for INPUT on IFC=lo? I always start my scripts by allowing the local loopback interface - I'll allow others on the List to make the own comments ;-) But here's how my iptable scripts start: # # Enable all I/O to/from the local loopback interface # iptables --append INPUT \ --in-interface lo \ --jump ACCEPT iptables --append OUTPUT \ --out-interface lo \ --jump ACCEPT #--------------------------------# # # Establish our harsh drop-all default policies # iptables --policy INPUT DROP iptables --policy OUTPUT DROP iptables --policy FORWARD DROP <SNIP>