Mailinglist Archive: opensuse-security (359 mails)

< Previous Next >
RE: [suse-security] IPTABLES Command slows down the machine
  • From: "Knut Erik Hauslo" <KNUTH@xxxxxxxxxxxx>
  • Date: Fri, 25 Jul 2003 13:37:02 +0200
  • Message-id: <84ECB0B9D002A54EA3E926AAA94E580801908B@xxxxxxxxxxxxxx>
Well, after addiing "$IPTABLES -a INPUT -i $lo -j ACCEPT" and rebooting,
speed have not improved... By the way, if I manually start the script
(not via /etc/init.d/boot.local) things are performing at normal
speed.... :-S (confused smiley)

Cheers
Knut Erik


-----Original Message-----
From: Mark Perry [mailto:PERRY@xxxxxxxxxx]
Sent: Friday, July 25, 2003 1:20 PM
To: Knut Erik Hauslo
Cc: suse-security@xxxxxxxx
Subject: RE: [suse-security] IPTABLES Command slows down the machine



I don't see any allowance for INPUT on IFC=lo?

I always start my scripts by allowing the local loopback interface -
I'll allow others on the List to make the own comments ;-) But here's
how my iptable scripts start:

#
# Enable all I/O to/from the local loopback interface
#
iptables --append INPUT \
--in-interface lo \
--jump ACCEPT

iptables --append OUTPUT \
--out-interface lo \
--jump ACCEPT

#--------------------------------#

#
# Establish our harsh drop-all default policies
#
iptables --policy INPUT DROP
iptables --policy OUTPUT DROP
iptables --policy FORWARD DROP

<SNIP>

< Previous Next >