LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 09-08-2005, 08:35 PM   #1
The_wave
LQ Newbie
 
Registered: Sep 2005
Posts: 5

Rep: Reputation: 0
iptables is blocking sites...


Hi there,
I have a strange problem...
I use an old pc as router/firewall, Debian 3.1 kernel 2.6.8 and iptables 1.3.3 is installed on the machine.
To generate the iptables script i used the Easy Firewall Generator .

The problem is that a few websites doesn't load, like:
hotmail.com > the browser (ie & ff) hangs on "transferring data"
msn.com > hangs also on "waiting for..."
Also my pc banking doesn't work anymore...

There are no problems with the internet provider, clients or with the hosting of the websites because i tried them on another machine with another connection and that works fine...

I think the problem is in the iptables script, when i turn off iptables and try to surf with the linux pc with Lync ( console browser ), msn, hotmail,... works fine, but when i put iptables on it doesn't work anymore

I don't know what's wrong with the script It works fine before but due a harddisk crash i had to reinstall it.

Link to the iptables script

Last edited by The_wave; 09-08-2005 at 08:37 PM.
 
Old 09-08-2005, 08:48 PM   #2
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 128Reputation: 128
That is a REALLY complex script for most purposes. I noticed it doesn't load ipt_state, but does use stateful filtering. It also opens ports for ftp even.
I'd start off by making sure ipt_state gets loaded. And, don't forget about ipt_MASQUERADE if you're going to be doing MASQ.
 
Old 09-08-2005, 08:54 PM   #3
The_wave
LQ Newbie
 
Registered: Sep 2005
Posts: 5

Original Poster
Rep: Reputation: 0
Yeh i have running an ftp and also some ports are forwarded.
I can use email, ftp, bittorent, irc,.. only just a few sites doesn't work.
 
Old 09-08-2005, 09:02 PM   #4
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 128Reputation: 128
Anything showing up in the logfiles?
 
Old 09-08-2005, 09:35 PM   #5
craigevil
Senior Member
 
Registered: Apr 2005
Location: OZ
Distribution: Debian Sid
Posts: 4,734
Blog Entries: 12

Rep: Reputation: 463Reputation: 463Reputation: 463Reputation: 463Reputation: 463
Try using a GUI firewall, like Guarddog or Firestarter. The scripts they create are not nearly as complex as the one you are using.

Can you ping the sites you are having problems connecting to?
 
Old 09-08-2005, 09:39 PM   #6
The_wave
LQ Newbie
 
Registered: Sep 2005
Posts: 5

Original Poster
Rep: Reputation: 0
ping doesn't work, i guess it's blocked on their host.
But traceroute works fine.
I've used easy firewall generator on my previous system and that worked fine, maybe there's something else wrong but i don't know what :s
 
Old 09-09-2005, 10:22 AM   #7
The_wave
LQ Newbie
 
Registered: Sep 2005
Posts: 5

Original Poster
Rep: Reputation: 0
craigevil i can't use guarddog or firestarter because i have no X on the router
 
Old 09-09-2005, 10:53 AM   #8
The_wave
LQ Newbie
 
Registered: Sep 2005
Posts: 5

Original Poster
Rep: Reputation: 0
Oh my god.
I've found the problem, the iptables script is ok. What i've done is powering off my ethernet modem and put it back on, and guess what, the sites are loading now
Never had this problem before. It's an Alcatel ADSL 1000
 
Old 09-09-2005, 11:00 AM   #9
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 128Reputation: 128
Odd. Perhaps some sort of firmware bug? Glad it's not iptables though.
 
Old 09-09-2005, 04:44 PM   #10
essexman
LQ Newbie
 
Registered: Apr 2005
Distribution: SUSE, Mandrake
Posts: 1

Rep: Reputation: 0
Thumbs up

Quote:
Originally posted by The_wave
Oh my god.
I've found the problem, the iptables script is ok. What i've done is powering off my ethernet modem and put it back on, and guess what, the sites are loading now
Never had this problem before. It's an Alcatel ADSL 1000
I've been stuck with this for ages and haven't been able to find any duplication of the problem, let alone a fix. I have just powered down my Linksys wireless router, and I am now able to view both www.ebuyer.com and www.gnome.org for the first time in about 3-4 months. I have even tried pinging these sites from my modem router which is, of course, before the 4-way wireless - no luck.

But now, thanks to you, I will waste merrily waste the rest of the evening with my dear old friends ebuyer and gnome.

Thank you very much

Essexman
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
blocking an IP using iptables picox Linux - Security 7 12-10-2010 02:00 PM
controlling access through squid( blocking all sites except for one) jomy Linux - Networking 1 12-15-2004 06:27 AM
Blocking some sites... gani *BSD 2 11-05-2004 09:07 PM
Blocking porn sites debug019 Linux - Newbie 4 09-07-2004 01:13 AM
Blocking web sites lovswr Linux - Software 6 11-03-2003 12:10 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 09:23 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration