-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello. This is the the first time I'm dealing with wifi and the second time with NAT. I have a server (access point) with a ppp0 interface (internet), eth0, wlan0, tun0 and sit0. A dhcp server is listening on wlan0 and provides local ip addresses, dns (= my isp dns) and router (= server wlan0 ip address). Nat is configured on the server like this: # Generated by iptables-save v1.4.20 on Fri Jan 10 21:34:26 2014 *raw :PREROUTING ACCEPT [1000941:974106726] :OUTPUT ACCEPT [775261:165606146] COMMIT # Completed on Fri Jan 10 21:34:26 2014 # Generated by iptables-save v1.4.20 on Fri Jan 10 21:34:26 2014 *nat :PREROUTING ACCEPT [888:45008] :INPUT ACCEPT [63:9590] :OUTPUT ACCEPT [442:27137] :POSTROUTING ACCEPT [36:1728] - -A POSTROUTING -o ppp0 -j MASQUERADE COMMIT # Completed on Fri Jan 10 21:34:26 2014 # Generated by iptables-save v1.4.20 on Fri Jan 10 21:34:26 2014 *mangle :PREROUTING ACCEPT [1000941:974106726] :INPUT ACCEPT [951658:947497602] :FORWARD ACCEPT [39262:26279024] :OUTPUT ACCEPT [775261:165606146] :POSTROUTING ACCEPT [814621:191890787] COMMIT # Completed on Fri Jan 10 21:34:26 2014 # Generated by iptables-save v1.4.20 on Fri Jan 10 21:34:26 2014 *filter :INPUT ACCEPT [371:35432] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [33994:3725352] - -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT - -A FORWARD -i wlan0 -o ppp0 -j ACCEPT - -A FORWARD -i ppp0 -o wlan0 -j ACCEPT - -A FORWARD -i eth0 -j DROP - -A FORWARD -i tun0 -j DROP COMMIT # Completed on Fri Jan 10 21:34:26 2014 I have a client that connects to my wifi, obtains an address via dhcp and ... can't acces almost all of internet sites. I was able to ping any web service I could think of, but I was able to use only google/youtube. I can do text/ image serches on google and can open youtube(but videos aren't loading). On other services wget says connection established, but it can't retrieve anything. if I ssh to an external server (not my nat server) I can ls, but if I try to ls - -alh I receive only a half of the files list and the terminal hangs after that. If I do $python -m http.server on my server I can do file transfers and open html pages on my client. I have tried this https://wiki.archlinux.org/index.php/Software_Access_Point#WLAN_is_very_slow Also I have tried to insert LOG target in FORWARD of filter. It showed that I send way more pakets(>10) to a http server than I receive(~2-4). The client is fine and behaves normally with wifi, used it many times. Thanks for your time. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJS0DQTAAoJEK64IL1uI2hafvwIAIDd3LM3iKTUKNSacou2NhTR W9CTSS+1fVgQKww+Biseo4jj9Hiek/vo9t7Kxv2YrCw8DwCxW8j+sRUHK6//SY9O z2abLUUxXq1q9POIy19CYXP3LVFpRSJpPtvAMADgx0roZCQWodwiVUWBZ2BI+lEF 2/T34JEqPna6NZsrtdufRWLII/zSbu9EuM5/atQe5HenI5Vkhz0rBXrLXEuRO4Gx 1bNvOmuupD5NMEVTCiwnCpGwikbZIkWswFaD89vRLBFnZwPJeE6ArwJvCMBxHhlw OgpxpMPi1oBKNHmVnLiR5d1efkhksQhL9OcEWi0Jiw6cm2u3eLVt3CxtU4OjnQc= =86dE -----END PGP SIGNATURE-----