iptables delay connection phase

"eNet" <nt@xxxxxxxxxxx> · Mon, 30 Jun 2003 09:14:14 +0200

Hello List,

I am new in iptables and list.

I have problem when my dialup clients trying to 
check their emails. There is a delay because of iptables. On that box I use 
linux kernel 2.4.19 and rc.firewall 

Here are more details of what is 
happening:

Case  1. without iptables . It is OK. No 
delay.

19:45:51.756818 arp who-has xxx.xxx.xxx.1 tell 
xxx.xxx.xxx.129
19:45:51.756837 arp reply xxx.xxx.xxx.1 is-at 
yy:yy:yy:yy:yy
19:45:51.756920 xxx.xxx.xxx.129.2814 > 
NS1.enet.org.al.pop3: S 1490445489:1490445489(0) win 16384 <mss 
1460,nop,nop,sackOK> (DF)
19:45:51.756988 NS1.enet.org.al.pop3 
> xxx.xxx.xxx.129.2814: S 401842756:401842756(0) ack 1490445490 win 
5840 <mss 1460,nop,nop,sackOK> 
(DF)
19:45:51.757102 
xxx.xxx.xxx.129.2814 > NS1.enet.org.al.pop3: . ack 1 win 
17520 (DF)
19:45:51.761677 xxx.xxx.xxx.1.48021 > 
xxx.xxx.xxx.129.auth: S 387191140:387191140(0) win 5840 <mss 
1460,sackOK,timestamp 251690774 
0,nop,wscale 0> (DF) 19:45:51.761856 
xxx.xxx.xxx.129.auth > xxx.xxx.xxx.1.48021: R 0:0(0) ack 
387191141 win 0

etc...

Case 2.  iptables activated. Problem: 
delay

20:00:43.670848 xxx.xxx.xxx.129.2824 
> NS1.enet.org.al.pop3: S 1713847144:1713847144(0) win 16384 <mss 
1460,nop,nop,sackOK> (DF)
20:00:43.670903 NS1.enet.org.al.pop3 
> xxx.xxx.xxx.129.2824: S 1342878817:1342878817(0) ack 1713847145 
win 5840 <mss 1460,nop,nop,sackOK> 
(DF)
20:00:43.671015 
xxx.xxx.xxx.129.2824 > NS1.enet.org.al.pop3: . ack 1 win 
17520 (DF)
20:00:43.672185 xxx.xxx.xxx.1.48326 > 
xxx.xxx.xxx.129.auth: S 1340299399:1340299399(0) win 5840 <mss 
1460,sackOK,timestamp 251779965 
0,nop,wscale 0> (DF)

now it goes around (!!!!!??)

20:00:43.672291 xxx.xxx.xxx.129.auth > 
xxx.xxx.xxx.1.48326: R 0:0(0) ack 1340299400 win 0
20:00:46.666594 
xxx.xxx.xxx.1.48326 > xxx.xxx.xxx.129.auth: S 1340299399:1340299399(0) win 
5840 <mss 1460,sackOK,timestamp 251780265 
0,nop,wscale 0> 
(DF)
20:00:46.666744 192.168.1.129.auth > xxx.xxx.xxx.1.48326: R 0:0(0) 
ack 1 win 
0
20:00:52.666607 192.168.1.1.48326 > xxx.xxx.xxx.129.auth: 
S 
1340299399:1340299399(0) win 5840 <mss 1460,sackOK,timestamp 251780865 

0,nop,wscale 0> (DF)
20:00:52.666754 xxx.xxx.xxx.129.auth > 
xxx.xxx.xxx.1.48326: R 0:0(0) ack 1 win 
0

untill here:

20:01:04.666637 xxx.xxx.xxx.1.48326 > 
xxx.xxx.xxx.129.auth: S 1340299399:1340299399(0) win 5840 <mss 
1460,sackOK,timestamp 251782065 
0,nop,wscale 0> (DF)

etc.... 

Any help appreciated.

Tani