Ubuntu Servers :: Iptables Causing Slow Ssh And Name Lookup Errors
Jan 24, 2010
Why would this iptables setup cause this mail delivery error? I think it's to do with DNS lookups not being routed properly... if I remove the last rule, mail works fine.
ssh is also very slow to connect when the last rule is enabled.
postfix mail error:
Code:
Jan 24 11:32:18 xxxx postfix/smtp[15065]: 9F2162C519: to=<xxxxx@hotmail.com>, relay=none, delay=1005, delays=965/0.01/40/0, dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=hotmail.com type=MX: Host not found, try again)
iptables
[Code]....
Sep 7, 2010
I've been comparing the current Slackware 32 bit versus 64 bit, and I've noticed that the 64 bit version is as slow as dialup for domain name lookup.
The 32 bit version is very fast to find websites after a mouse click, whereas the 64 bit version takes forever looking up URLs. (using Firefox)
All the other 64 bit Linuxes seem to be the same way, not just Slackware.
The /etc/resolve.conf file is the same for 32 or 64 bit Slackware, but something is not right. The 32 bit version has a /etc/dhcpc directory, but not the 64 bit version.
Could this be causing the extreme slowdown?
It's really very irritating when the rest of the system is blazing fast.
AMD Phenom II X4 955
Asus M4A88TD-V
8 GB Corsair XM33 ram
Nov 9, 2010
For a while now I've got a problem when surfing the internet. Everything's fine for let's say 15 minutes and then all of a sudden it takes about 1 minute to load a -random- page; once it has loaded, everything's fine again. Transmission does not seem to have this problem. I'll double check this. Looking through the forum I found the following "solutions". None of which has worked for me up to now:
- disable ipv6 in firefox
- set method under network manager to "Automatic (DHCP) addresses only" and use google or OpenDNS dns servers
- change resolv.conf (comparable to the second one I guess)
Jun 4, 2011
I just installed Ubuntu 11.04 in a dual boot environment on a spare laptop (Dell Inspiron 6000). I have other machines using older distros of Ubuntu but do not have them all on line... utility costs are ridiculous here... anyway.... I found some optimization tips for Firefox and those have been done, and I did find earlier information about this or a very similar problem, but all the suggestions mentioned there are already in place here network wide. Basically what is happening is this: When a web site is opened from the browser, in the lower left hand of the screen it displays "Looking up www.google.com" or whatever URL was entered.
I know Win is not a good comparison and I haven't gotten any additional Ubuntu boxes on line yet, but Win seems unaffected by this.
Any recommendations as to what I should try next? I have DNS server information stored in the router using Google Public DNS and OpenDNS as a backup, and UPnP is disabled. Seems like the program (Ubuntu) is plenty fast even on this Celeron based machine, but the time taken to look up DNS data is a lot slower than anticipated.
Mar 31, 2010
I've been cracking on with getting a new Slackware 13 x64 installation going. I've got a problem with browsing the net which I can't put my finger on.
When I try to access a site my machine spends a long time with the "Looking up www.website.com" message at the bottom. It can take 7-12 seconds before the site is found. Normally I would blame this on my ISP or connection but Mint, Debian and Windows XP aren't having this problem, they just zip straight to the site whether I've been to it before or not.
Is anybody aware of where the problem might be? It's not in the browser either, because Opera, Seamonkey and Firefox all have the same problem.
Aug 3, 2011
My problem: GRUB loader appears when it normally did not and Ubuntu fails to boot. My story: I installed Ubuntu on a HP Touchsmart laptop a month ago because I was having troubles with Windows and... well, I just wanted to install Ubuntu. All went well until a week ago, when my sound was permanently muted through a hardware switch and Ubuntu was not detecting it. I tried hitting the button on my laptop but nothing worked. Soo... I tried resetting my BIOS in hopes that it would fix it. I set the BIOS to its defaults and booted. This is where it got weird. The GRUB loader appeared when it normally did not and upon booting, a black screen with flashing cursor would show up and then... nothing. I changed the BIOS settings back to what they were and still nothing.
I have removed the silent boot from the GRUB boot line and can see what's going on... a little. The last thing it shows is "Running /scripts/init-bottom ... done." annnd nothing else. When booting in recovery mode it stops after 30 or so seconds on...
Code:
ACPI: Power Button [PWRB]
input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/inp
and just ends on that line. The previous line shows closing the lid as a button.
I have tried booting into a live USB (as the laptop has no cd drive) and everything works fine.
how the BIOS would be related to GRUB/booting..
Jul 9, 2011
I'm running Ubuntu 11.04 and I'm really new to Linux. My problem is that whenever I try to browse a site I notice the website loads very slowly because it takes a long time to do lookups. I installed Ubuntu with an onboard NIC and later switched to a PCI NIC (Dlink DGE-530T). Although I disabled the onboard NIC in the BIOS, it doesn't help. Could this conflict in configuration be a problem? My download rates are fine, it's just lookups that take really long (up to ~10 seconds). I know the PCI network card is fine because when I jump to Windows 7, lookups are normal again (~300ms). At first I thought about installing the sk98lin drivers for the PCI NIC, but I saw a couple of places where people have mentioned that the skge driver that comes along with the kernel is better.
I have tried a system-wide as well as Firefox disable of IPv6. Here is my /etc/udev/rules.d/70-persistent-net.rules
Code:
# PCI device 0x1186:0x4b01 (skge)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:24:01:14:eb:39", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"
# PCI device 0x10de:0x0373 (forcedeth)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:1e:8c:3e:19:ed", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"
The interface I want to use according to the listing above is the one with the MAC - 00:24:01:14:eb:39.
I tried removing one of the entries in the file above and rebooting but it still didn't work. Here is a look at my /etc/network/interfaces
Code:
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.10
gateway 192.168.1.1
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
Apr 28, 2011
I am currently running Fedora 14 on an x86_64 system that acts as a whole house server for named, dhcp, nfs, nis, http, samba, etc. My issue has existed for a few years and I am just now getting around to posting about it. I have a simple samba configuration for sharing files to a Windows VM on another box. Here is the config:
[global]
workgroup = NERD
server string = Samba Server on NERD
[code]....
Sep 1, 2010
My brother's computer is pretty slow, but was working fine with Ubuntu Karmic. I decided to finally upgrade him to Lucid the other day, and recently his bootups take, at worst, 10 minutes, when in Karmic it took way less. It just sits on a blank screen (not even a blinking cursor).
His pc's specs are:
1.4 Ghz processor (single core)
on-board graphics (no graphics card)
two HDDs, one 80GB and one 150GB (the 150GB is split into 3 partitions)
465.7MB of RAM, 4.1GB of swap
I've attached his bootchart and it seems that Modprobe, Framebuffer, udevadm, and blkid are taking the most time to load, but I don't really know, I'm new to Linux. Also, how do I disable bootchart now that I've used it? P.S. Here's the same bootchart just in case the one attached gets shrunk by ubuntuforums [URL]..
Apr 6, 2010
Like many others I'm running into some reverse lookup issues with SSH. Setup is as follows:
localnet setup
myserver - 192.168.0.x
myworkstation - 192.168.0.y
[Code].....
nslookup tests show that my reverse lookup is functioning correctly. However, if I use "myworkstation" to connect to myserver.mydomain.com using an external nameserver SSH says: "Address 84.162.xx.yy maps to myserver.mydomain.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!"
On myserver the /etc/hosts has the internal address for the server, which seems the normal way to go to me. Changing this to the server's external address solves the issue.
Apparently a connection originating from myworkstation arrives from/with my external address, and when its reverse is checked by the server it apparently finds its own internal address for that name in /etc/hosts before doing a nameserver query, and thus concludes that internaladdress <> externaladdress, which gives the error.
Is there any way to have the server check external DNS before /etc/hosts? Another solution would probably be running an internal DNS, so myworkstation doesn't connect through the 'outside'.
Apr 16, 2011
I am running Ubuntu Server 10.10 and trying to set up iptables rules in /etc/if-up.d/iptables
Quote:
root@host# cat /etc/network/if-up.d/iptables
#!/bin/sh -e
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Problem is that iptables doesn't get updated and I don't see the rules when iptables -L is executed after reboot.
Nov 26, 2010
I am unable to restore my iptables from iptables-save after upgrading Fedora. I cannot get iptables-restore to work, and I have resorted to entering rules manually using the GUI.
Apr 1, 2011
I'm at a loss as to why my reverse lookup zone doesn't work for me. I've got two views. One internal and one external. My domain is isp2.datornatverk.se. Public IP: 130.240.133.81.
dig -x @8.8.8.8 130.240.133.81
gives me:
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2917
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
I've set it up so that the internal subnets get the domains resolved to the internal IP addresses. When querying from external addresses I will get the public IP. My named.conf.local file:
Code:
acl internals {
127.0.0.0/8;[code]..........
I don't know whether the views have messed something up. It worked before I added the views.
Apr 1, 2010
I'm having a problem with the oci8 module in PHP. I have been running this server for over a year with this configuration and never had an issue... I had been away since last Thursday, and suddenly this started happening this morning. I'm the only one who has server access, which has me baffled.
I've narrowed it down to the oci8 module because:
* I created a PHP script that does nothing except call oci_login(), which segfaults.
* Any web page that uses the oci functions fails... it asks you to download the PHP file, which is empty (likely because the oci_login call is done before anything in PHP is printed).
Apr 3, 2011
I just wanted to check if it's something silly I've overlooked and if anyone else is having this problem... I'm running Ubuntu 10.04.2 LTS with the latest version of squid, 2.7.STABLE7-1ubuntu12.2. Now when I shutdown or reboot the system, it says something along the lines of umount: /var is busy (check using lsof...). This is followed by text in red: [fail]. When the system starts up again, I can see /var journal is recovering, so the /var partition was not cleanly unmounted during shutdown. Obviously, there is a risk of filesystem corruption here. FYI, I have /var and other important mountpoints as separate partitions (LVM; ext4).
To confirm my suspicions of squid still running during shutdown, I checked /var/log/squid/cache.log and there is no indication that it received the signal to terminate. If I manually run "stop squid", then cache.log would show that squid has stopped successfully (or words to that effect). To confirm that /var is locked by squid during shutdown, I've added a script to run "lsof | grep var" before filesystems are unmounted. And voila! It indicates that various files used by squid in /var such as swap.state are still open. Hence, the next system startup would result in /var recovering journal again. Finally, I tried running "stop squid" before issuing the shutdown command and it successfully unmounts /var and I do not get /var recovering journal on the next system startup.
Aug 30, 2010
I have a relatively new server (Ubuntu Server 10.04.1) with a "/backup" partition on top of LVM on top of an MD RAID 1. Everything generally works, except that it freezes during the fsck phase of bootup, with no errors. I've given it 20 minutes or so. If I press 's' to skip an unavailable mount (documented here), it reports that /backup could not be mounted. There are no LVM related messages in /var/log/messages, syslog, or dmesg.
When I try to mount /backup manually, it reports that the device (/dev/vg0/store) does not exist. Apparently the volume group was never activated, though all documentation seems to claim it should happen automatically at boot. When I run "vgchange vg0 -a y", it activates the volume group with no issue, and then I can mount /backup. /etc/lvm/lvm.conf is unchanged from the defaults. I've seen posts mentioning the existence of a /etc/udev/rules.d/85-lvm2.rules, but no such file exists on my server, and I'm not sure how I would go about creating it manually, or forcing udev to create one. There are some open bugs describing similar problems, but surely it doesn't happen to everyone or there'd be many more. [URL]
Feb 12, 2010
Today I was installing a new system and tried to run an iptables script I have on another machine, which works flawlessly, and got a bunch of errors:
Looking into /lib there isn't an iptables directory but there's one named xtables. I tried creating a symbolic link:
But it still doesn't work. I don't know if it is a bug or what, but I have other systems running without problems.
I'm running this on Lenny 5.0.4 and iptables was installed with apt-get install iptables.
Jan 24, 2011
I have a few mail servers (CentOS 5.5) that are running OSSEC Active Response (2.5.1) on iptables (1.3.5-5.3.el5_4.1). We are currently having a problem where we get loop hook errors:
Jan 24 04:15:03 servername kernel: iptables: loop hook 1 pos 464080 00000022
This is the firewall-drop.sh we are currently using:
Code:
#!/bin/sh
# Adds an IP to the iptables drop list (if linux)
# Adds an IP to the ipfilter drop list (if solaris, freebsd or netbsd)
# Adds an IP to the ipsec drop list (if aix)
[Code]...
Jan 12, 2011
The scenario: We have an external server that runs HTTP/DB servers for our shop system. Then there's our local, in-house infrastructure that runs a... yeah... Exchange 2010. The shop system on the external server needs to send mails to customers (order confirmations, invoices, etc.). Seeing as sending them directly through the local MTA (Postfix) would cause mail delivery problems because of reverse DNS issues, I've set the Postfix MTA to act as a satellite to our in-house Exchange Server, so the Exchange sends the mail instead, giving recipient mail servers a valid reverse DNS lookup.
Now, mails sent by the (proprietary, uneditable) shop system are relayed correctly and sent to the target e-mail address. My problem is: Mails not sent by the shop system, but by our own PHP scripts which run on that same external server, are NOT relayed properly. So the Exchange is fine with the mails sent by the shop system, but not the mails sent by our scripts. This is what I get in the mail.log. The successfully relayed mail sent by the shop system:
[Code]....
Apr 26, 2011
In December 2009 I switched my web-hosting package with 1and1 to their best VPS package. What a difference! At this time I knew absolutely NOTHING about Linux sys admin stuff. Now I know a little more. I now run 'several' VPS instances (all with 1and1). Back to the problem then... On all my boxes I run CentOS 5.5 (Linux 2.6.18-028stab070.4) with various different versions of Plesk (9.5.2 and 10.2.0). The VPS instances themselves are on Virtuozzo nodes. As you may know, Virtuozzo has a firewall GUI allowing modification of iptables. I only use this when I make a mistake and cannot SSH. My 'original' iptables: (the VZ chains are controlled by the Virtuozzo container)
Code:
Chain INPUT (policy DROP)
target prot opt source destination
VZ_INPUT all -- anywhere anywhere
Chain FORWARD (policy DROP)
[code]....
If this iptables chain limits the number of connections to 3 per second and 100 per second respectively, is this still secure, or is there no point in having this rule? If the rule is a good one to have, then how can I allow HTTP connections to bypass this chain/rule?
Jun 22, 2010
I have a webserver (co-location) and all ran fine... until last week. Now there are a lot of RX-ERR shown in netstat and ifconfig. And when I try to fetch an external website directly on the server, for example via wget, it is very, very slow and hangs very often.
RX packets:2919694 errors:990386 dropped:0 overruns:0 frame:596420
TX packets:4231423 errors:0 dropped:0 overruns:0 carrier:0
I have analysed the network but I was not able to find a problem. My hoster has checked the network and all looks fine. For example, my hoster has plugged a PC into the same switch... and was able to do wget (load external data, like websites) at normal speed.
Since last week my websites have been delivered slower than before, too. It seems there is a network problem... but how can I find it?
Actually I can install modules... but the server needs hours. So, if you know a good command-line tool to analyse the network.
Jun 27, 2010
When I try to run anything that uses iptables, even just iptables -L, I get:
Code:
1+drm33.2/modules.dep: No such file or directory
iptables v1.4.4: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
This is on a fresh Ubuntu minimal install, using my VPS host's image (so they could have messed something up). I know there have been issues in the past with iptables on Ubuntu on Xen. Is this an Ubuntu bug? Is there a solution?
Incidentally, depmod -a gives:
Code:
WARNING: Couldn't open directory /lib/modules/2.6.32.11+drm33.2: No such file or directory
FATAL: Could not open /lib/modules/2.6.32.11+drm33.2/modules.dep.temp for writing: No such file or directory
Oct 4, 2010
I'm coming from a RHEL/CentOS background where I'm used to editing /etc/sysconfig/iptables for host-based firewall stuff. I can't find a direct equivalent on Ubuntu and I'm pretty surprised. What I've found is the ufw utility, which seems to do some of what I want and some things I may not want, but it seems pretty cumbersome to type "ufw allow proto tcp from <address> to any port <number>" etc. over and over again, compared to just copying and pasting and editing a largely canned set of iptables rules on RHEL.
Is that how experienced Ubuntu server sysadmins do things? Do you really use the ufw front end, or do you do a pre-up script in /etc/network/interfaces that calls an iptables-restore, etc.?
Is there another way that I'm missing? I want to do things the most standard, Ubuntu-like way that's consistent with repeatability and quality, basically.
Nov 30, 2010
I am having a little trouble setting up a NAT firewall using iptables. I have 1 PC dedicated to being the firewall, running Ubuntu 10.04 LTS. There are 2 NICs in this PC. One NIC is connected to the modem and the other is hooked into my router, sharing the connection through to the other PC on my LAN. Thing is that I am having trouble setting this up using iptables. I have it sharing the connection, but can't seem to make it forward 2 ports through to my webserver on the LAN. I am also wanting to set up init.d to control iptables. I have been trying to Google this, but haven't found anything useful to get this accomplished. I put the following into rc.local to make the forwarding work:
/sbin/iptables -F
/sbin/iptables -N block
/sbin/iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A block -m state --state NEW -i ! eth0 -j ACCEPT
/sbin/iptables -A block -j LOG
/sbin/iptables -A block -j DROP
/sbin/iptables -A INPUT -j block
/sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE
Jun 16, 2011
Though I have uninstalled and rm -rf'ed everything I can find having to do with ufw, I am still getting weird output from iptables -L. If I type in
Code:
iptables -F
iptables -Z
iptables -L
I should get
[Code]...
Jul 26, 2011
I've had this server for a while and I've periodically received similar errors, but it's been worse lately. I'm trying to diagnose and similar posts have left me with 2, maybe 3, ideas about what could be wrong. Here is the setup:
Ubuntu Server 10.10 maverick, kernel 2.6.35-30-server
Sans Digital TR8 8 bay RAID - 2 port multipliers to eSATA outputs
8 1TB WD Caviar Black
Syba PCI-e card with Sil3124 chipset - 2 external eSATA inputs
I do not use the RocketRaid 622 card that came with the enclosure because I had problems with drivers and configuration, so I went with the SI chipset. The RAID is configured with mdadm, level 10, running ext3 file system:
Code:
root@i5server:~# cat /proc/mdstat
Personalities : [linear] [multipath] [raid0] [raid1] [raid6] [raid5] [raid4] [raid10]
md0 : active raid10 sdb1[5] sdg1[2] sdd1[7] sdh1[3] sdf1[1] sde1[0] sdc1[6] sda1[4]
3906721792 blocks 256K chunks 2 far-copies [8/8] [UUUUUUUU]
[Code].....
What's odd is that the RAID dropped out and completely locked up the computer multiple times, then marked one of the drives as failed. I did a re-add on the drive and it rebuilt without issue. Ran e2fsck -f to clean up the problems it had when it crashed, but as soon as I do heavy read/writes the errors start showing up again. This is primarily a media server for music and movies, but also for backups and printing. Heavy read/writes are generally transcoding movies and music, which is what I was doing when it failed.
Feb 2, 2010
I am configuring an internal-only IMAP server for archival emails. I am absolutely baffled why my connection is being refused. UFW is disabled and iptables has a rule to allow all connections on 143 and 993. When I telnet, this response is given:
Code:
telnet localhost 143
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
Even nmap shows the port closed. Here is my iptables rule:
Code:
-A ufw-user-input -p udp -m udp --dport 143 -j ACCEPT
Jun 4, 2010
I noticed you can use names for ports like ssh, instead of the actual port number, in iptables, but I can't find a list of what they are.
Jun 22, 2010
I have a clean install of Ubuntu Server Lucid Lynx with the virt-host task installed. I need to find the location of the iptables rules that are being loaded when the system boots. These are the rules for the virbr0 interface.
Jul 23, 2010
How do I configure iptables to allow only ports 22, 80 and 3306, and only for a dynamic public IP / dyndns domain name, on an Ubuntu server?