I'm setting up a server which is a DNS server and broadband gateway for a small
LAN, having two NICs with one connected to the DSL modem.
It's got dnsmasq and iptables. I'm saying that because I think it's the firewall
causing the problem, but I don't know for sure or why.
I am trying to run apache and tomcat servers to serve content and apps for the
internal LAN, and not externally.
Apache runs fine, but tomcat is very slow to load (3 mins) when it should be 1
or 2 seconds. It is also not possible to shut tomcat down - it makes the
'tomcat5.5 stop' command hang.
I know tomcat needs ports 8009, 8080 and 8443 by default, and I studied my
iptables script (build by fwbuilder) but it looks fine.
Hopefully this is a common problem, but I've included my iptables output below
just in case.
Thanks for any advice,
Adam
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE 0 -- 192.168.0.0/24 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED
DROP 0 -- 86.129.117.158 0.0.0.0/0
DROP 0 -- 192.168.0.2 0.0.0.0/0
DROP 0 -- 192.168.0.0/24 0.0.0.0/0
ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 state NEW
Cid46260D13.0 0 -- 192.168.0.0/24 0.0.0.0/0 state NEW
Cid46260D1E.0 udp -- 0.0.0.0/0 0.0.0.0/0 udp multiport
dports 68,67 state NEW
Cid46260D1E.2 0 -- 0.0.0.0/0 255.255.255.255 state NEW
Cid46260D34.0 tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
state NEW
Cid46260D34.0 udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
state NEW
ACCEPT 0 -- 192.168.0.0/24 0.0.0.0/0 state NEW
Cid462610E7.1 0 -- 0.0.0.0/0 192.168.0.0/24 state NEW
DROP 0 -- 0.0.0.0/0 86.129.117.158
DROP 0 -- 0.0.0.0/0 192.168.0.2
DROP 0 -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED
DROP 0 -- 86.129.117.158 0.0.0.0/0
DROP 0 -- 192.168.0.2 0.0.0.0/0
DROP 0 -- 192.168.0.0/24 0.0.0.0/0
ACCEPT 0 -- 192.168.0.0/24 0.0.0.0/0 state NEW
Cid462610E7.2 0 -- 0.0.0.0/0 192.168.0.0/24 state NEW
DROP 0 -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED
ACCEPT 0 -- 86.129.117.158 0.0.0.0/0 state NEW
ACCEPT 0 -- 192.168.0.2 0.0.0.0/0 state NEW
ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 state NEW
Cid46260D2A.0 0 -- 0.0.0.0/0 192.168.0.0/24 state NEW
Cid46260D34.1 tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
state NEW
Cid46260D34.1 udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
state NEW
ACCEPT 0 -- 192.168.0.0/24 0.0.0.0/0 state NEW
Cid462610E7.0 0 -- 0.0.0.0/0 192.168.0.0/24 state NEW
DROP 0 -- 0.0.0.0/0 86.129.117.158
DROP 0 -- 0.0.0.0/0 192.168.0.2
DROP 0 -- 0.0.0.0/0 0.0.0.0/0
Chain Cid46260D13.0 (1 references)
target prot opt source destination
Cid46260D13.1 0 -- 0.0.0.0/0 86.129.117.158
Cid46260D13.1 0 -- 0.0.0.0/0 192.168.0.2
Chain Cid46260D13.1 (2 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp multiport
dports 22,53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
Chain Cid46260D1E.0 (1 references)
target prot opt source destination
Cid46260D1E.1 0 -- 192.168.0.0/24 0.0.0.0/0
Cid46260D1E.1 0 -- 0.0.0.0 0.0.0.0/0
Chain Cid46260D1E.1 (2 references)
target prot opt source destination
ACCEPT 0 -- 0.0.0.0/0 86.129.117.158
ACCEPT 0 -- 0.0.0.0/0 192.168.0.2
Chain Cid46260D1E.2 (1 references)
target prot opt source destination
Cid46260D1E.3 udp -- 0.0.0.0/0 0.0.0.0/0 udp multiport
dports 68,67
Chain Cid46260D1E.3 (1 references)
target prot opt source destination
ACCEPT 0 -- 192.168.0.0/24 0.0.0.0/0
ACCEPT 0 -- 0.0.0.0 0.0.0.0/0
Chain Cid46260D2A.0 (1 references)
target prot opt source destination
Cid46260D2A.1 udp -- 0.0.0.0/0 0.0.0.0/0 udp multiport
dports 68,67
Chain Cid46260D2A.1 (1 references)
target prot opt source destination
ACCEPT 0 -- 86.129.117.158 0.0.0.0/0
ACCEPT 0 -- 192.168.0.2 0.0.0.0/0
Chain Cid46260D34.0 (2 references)
target prot opt source destination
ACCEPT 0 -- 86.129.117.158 0.0.0.0/0
ACCEPT 0 -- 192.168.0.2 0.0.0.0/0
Chain Cid46260D34.1 (2 references)
target prot opt source destination
ACCEPT 0 -- 86.129.117.158 0.0.0.0/0
ACCEPT 0 -- 192.168.0.2 0.0.0.0/0
Chain Cid462610E7.0 (1 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5060
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpts:16384:16403
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp multiport
dports 5060,1029
Chain Cid462610E7.1 (1 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5060
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpts:16384:16403
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp multiport
dports 5060,1029
Chain Cid462610E7.2 (1 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5060
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpts:16384:16403
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp multiport
dports 5060,1029
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
