Networking Forums


iptables-restore hang during system boot

 
 
Stanislaw Findeisen

 
      05-17-2005, 10:30 PM
-------- SUMMARY --------

OS:
* Fedora Core 3 (kernel 2.6)

Files involved:
* /etc/sysconfig/iptables
* /sbin/iptables-restore

Issues:
* iptables setup during system boot hangs
* nat table

-------- THE STORY --------

I have recompiled the kernel disabling IP routing. Now iptables lacks
the nat table. iptables-save's output lists no nat table:

# Generated by iptables-save v1.2.11 on Tue May 17 09:17:49 2005
*mangle
:PREROUTING ACCEPT [13:11993]
:INPUT ACCEPT [13:11993]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [61:382696]
:POSTROUTING ACCEPT [6:11120]
[...rules...]
COMMIT
# Completed on Tue May 17 09:17:49 2005
# Generated by iptables-save v1.2.11 on Tue May 17 09:17:49 2005
*filter
:INPUT DROP [6:468]
:FORWARD DROP [0:0]
:OUTPUT DROP [55:371576]
[...rules...]
COMMIT
# Completed on Tue May 17 09:17:49 2005

This is fine.

-------- THE PROBLEM --------

But now the system hangs during boot on "Starting firewall...". This is
when the script /etc/init.d/iptables executes iptables-restore trying to
read firewall rules from /etc/sysconfig/iptables (where iptables-save's
output is stored). It recovers, in fact, but after 20 minutes or so. I
didn't watch that long and don't know what happens. Then the firewall
seems to be properly configured.

-------- DIAGNOSTICS AND ATTEMPTS TO SOLVE --------

I used the --verbose option to iptables-restore during system boot:

# Generated by iptables-save v1.2.11 on Tue May 17 09:17:49 2005
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
# Completed on Tue May 17 09:17:49 2005
# Generated by iptables-save v1.2.11 on Tue May 17 09:17:49 2005
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
[Hang here, expected this line:]
# Completed on Tue May 17 09:17:49 2005

After the system is booted, the same script (/etc/init.d/iptables start)
seems to work fine.

-------- HELP NEEDED --------

Any ideas on what's going on in iptables-restore then? I guess I must be
having something misconfigured, but what?

Thanks!

--
http://www.nglogic.com
Enter through the narrow gate! (Mt 7:13-14)
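
As an added example, not part of the original post: a small parser for the iptables-save format shown in the dump above. It reports each table's chain policies and flags tables that the running kernel does not provide (such as nat after the rebuild described) or that lack a COMMIT. The sample ruleset is constructed, and taking the kernel's table list from /proc/net/ip_tables_names is an assumption about the host.

```python
import re
# Constructed sample in iptables-save format; -A lines stand in for "[...rules...]".
SAMPLE = """\
*mangle
:OUTPUT ACCEPT [61:382696]
-A OUTPUT -o lo -j ACCEPT
COMMIT
*filter
:INPUT DROP [6:468]
:FORWARD DROP [0:0]
:OUTPUT DROP [55:371576]
-A INPUT -i lo -j ACCEPT
COMMIT
"""
CHAIN_RE = re.compile(r"^:(\S+)\s+(\S+)\s+\[(\d+):(\d+)\]$")

def parse_save(text):
    """Return {table: {"chains": {name: policy}, "rules": int, "committed": bool}}."""
    tables, cur = {}, None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("*"):            # "*filter" opens a table section
            cur = tables.setdefault(line[1:], {"chains": {}, "rules": 0, "committed": False})
        elif cur is None:
            raise ValueError(f"line {lineno}: content outside a *table section")
        elif line == "COMMIT":              # closes the current table section
            cur["committed"] = True
            cur = None
        elif (m := CHAIN_RE.match(line)):   # ":INPUT DROP [6:468]" = chain, policy, counters
            cur["chains"][m.group(1)] = m.group(2)
        else:                               # anything else in a section is a rule line
            cur["rules"] += 1
    return tables

def check(text, kernel_tables):
    """List tables the kernel does not provide and tables that are never COMMITted."""
    problems = []
    for name, t in parse_save(text).items():
        if name not in kernel_tables:
            problems.append(f"table '{name}' not provided by kernel")
        if not t["committed"]:
            problems.append(f"table '{name}' has no COMMIT")
    return problems

if __name__ == "__main__":
    # Assumption: on a live host, build this set from /proc/net/ip_tables_names.
    print(check(SAMPLE, {"mangle", "filter"}))
```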
 