Michael Hallager schrieb: >>I think correct should be: >>itpables -I INPUT -i lo -j ACCEPT (guess you misspeled it in the hurry) >>forward rule for loopback is not necesary, as long as i remember >>iptables -I OUTPUT -o lo -j ACCEPT; > > > HOLD ON, > This creates the following: > chain INPUT (policy ACCEPT) > target prot opt source destination > ACCEPT all -- anywhere anywhere > DROP all -- 202.71.136.166 anywhere > > Chain FORWARD (policy ACCEPT) > target prot opt source destination > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > ACCEPT all -- anywhere anywhere > > Looking at the first and last rule displayed here, dosn't this have the effect > of negating everything else? > Eg: Allow all, from anywhere to anywhere.... > > Am I missing something? Yes, -v ;) Ok, you certainly typed "iptables -L" and this will not output the interfaces. Try "iptables -nvL" and you will see, that "ACCEPT all anywhere anywhere" concerns only loopback. Regarding the timeout issue, do as Grant recommended. May be you should log in OUTPUT too, at least if logging in INPUT will not show the problem. Have a nice time, Joerg
