Find the answer to your Linux question:
Results 1 to 6 of 6
Hi All, I am new in Linux, Please help me. I am facing uploading issue in my network. Whenever I am trying to upload any small/large file via browser it ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Feb 2013
    Posts
    4

    Upload Issue


    Hi All,

    I am new in Linux, Please help me.

    I am facing uploading issue in my network. Whenever I am trying to upload any small/large file via browser it is getting failed after a minute or more and I am not getting any error for this issue. But same is working from my gateway and outside the network. I am using my Linux server (CentOS 5.8 ) as a firewall (Gateway)+router+VPN server.

    It is clearly seems that issue persist on my gateway. Can you guys help me out in the same? How can I identify and troubleshoot this issue?

    please help me..

    Thanks
    Lakhan

  2. #2
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    First start by checking your firewall. This is 99% of the time the reason why people cannot upload or connect.
    If you would like post your rules and we could look for possible issues.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  3. #3
    Just Joined!
    Join Date
    Feb 2013
    Posts
    4
    Robert,

    Thanks for the reply, please find iptables details below.......I have changed the IP address for security purpose.


    # Generated by iptables-save v1.3.5 on Tue Dec 18 17:17:56 2012
    *mangle
    :PREROUTING ACCEPT [43708199:16022809581]
    :INPUT ACCEPT [14371379:8080739466]
    :FORWARD ACCEPT [29421811:7952789018]
    :OUTPUT ACCEPT [14455631:7862946327]
    :POSTROUTING ACCEPT [43877417:15815734057]
    COMMIT
    # Completed on Tue Dec 18 17:17:56 2012
    # Generated by iptables-save v1.3.5 on Tue Dec 18 17:17:56 2012
    *nat
    :PREROUTING ACCEPT [1398405:96752787]
    :POSTROUTING ACCEPT [440437:37607386]
    :OUTPUT ACCEPT [371221:24085902]
    -A PREROUTING -p tcp -m iprange --dst-range 56.246.190.57-56.246.190.72 -j DNAT --to-destination 124.175.190.17-124.175.190.26
    -A PREROUTING -s 192.168.10.0/255.255.255.0 -d ! 198.66.215.72 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
    -A PREROUTING -p tcp -m tcp --dport 5050 -j REDIRECT --to-ports 16667
    -A PREROUTING -p tcp -m tcp --dport 5222 -j REDIRECT --to-ports 16667
    -A PREROUTING -p tcp -m tcp --dport 1863 -j REDIRECT --to-ports 16667
    -A PREROUTING -p tcp -m tcp --dport 5223 -j REDIRECT --to-ports 16667
    -A PREROUTING -p tcp -m tcp --dport 5190 -j REDIRECT --to-ports 16667
    -A PREROUTING -p tcp -m tcp --dport 6667 -j REDIRECT --to-ports 16667
    -A PREROUTING -p tcp -m tcp --dport 8074 -j REDIRECT --to-ports 16667
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --dport 80 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --dport 443 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --dport 465 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --dport 25 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --dport 995 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --dport 1723 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --dport 5228 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p udp -m udp --dport 1723 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p udp -m udp --dport 4500 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p udp -m udp --dport 500 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p udp -m udp --dport 10000 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p udp -m udp --dport 5060:5061 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p udp -m udp --dport 123 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p udp -m udp --dport 69 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p udp -m udp --dport 10000:20000 -j MASQUERADE
    -A POSTROUTING -d 143.69.16.203 -p tcp -m tcp --dport 22 -j MASQUERADE
    -A POSTROUTING -d 143.69.16.200 -p tcp -m tcp --dport 22 -j MASQUERADE
    -A POSTROUTING -d 143.69.16.201 -p tcp -m tcp --dport 22 -j MASQUERADE
    -A POSTROUTING -d 143.69.16.202 -p tcp -m tcp --dport 22 -j MASQUERADE
    -A POSTROUTING -d 198.69.187.74 -p tcp -m tcp --dport 22 -j MASQUERADE
    -A POSTROUTING -d 216.27.143.45 -p tcp -m tcp --dport 30000 -j MASQUERADE
    -A POSTROUTING -d 175.139.153.176 -p tcp -m tcp --dport 22 -j MASQUERADE
    -A POSTROUTING -d 187.72.56.195 -p tcp -m tcp --dport 22 -j MASQUERADE
    -A POSTROUTING -d 184.62.19.69 -j MASQUERADE
    -A POSTROUTING -d 174.139.217.151 -j MASQUERADE
    -A POSTROUTING -d 198.68.215.75 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --dport 587 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --dport 20 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --dport 21 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --dport 993 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --dport 115 -j MASQUERADE
    -A POSTROUTING -d 175.129.145.154 -p tcp -m tcp --dport 3306 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --dport 1194 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 114.37.189.48 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --dport 23399 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 219.131.141.210 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 115.41.171.220 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --dport 21003 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 66.86.57.128 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 66.66.249.190 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 66.147.108.91 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 69.160.128.176 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 67.170.128.178 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 63.67.249.176 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 23.43.238.154 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 66.45.62.171 -j MAMASQUERADE
    SQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 56.46.57.167 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 66.40.57.51 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 56.160.127.178 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 23.21.232.102 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 50.67.176.165 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 16.159.34.65 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 16.159.34.66 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 25.23.76.73 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 67.62.245.176 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 167.22.240.39 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 184.129.69.130 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 182.17.150.39 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 67.197.167.108 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 178.61.235.72 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 198.61.215.53 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 173.255.226.10 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 23.73.200.160 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 64.82.249.166 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 194.72.44.79 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 67.28.43.116 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 166.79.4.110 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 166.68.7.176 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 173.180.210.121 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 50.73.28.1 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 198.61.6.74 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 198.71.20.124 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 174.47.170.186 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --dport 3306 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -p udp -m udp --dport 3306 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 56.27.151.39 -j MASQUERADE
    -A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 129.227.23.139 -j MASQUERADE
    COMMIT
    # Completed on Tue Dec 18 17:17:56 2012
    # Generated by iptables-save v1.3.5 on Tue Dec 18 17:17:56 2012
    *filter
    :INPUT ACCEPT [14371399:8080743810]
    :FORWARD ACCEPT [29421811:7952789906]
    :OUTPUT ACCEPT [14455651:7862949238]
    -A INPUT -s 192.168.10.0/255.255.255.0 -d 124.247.24.8 -j ACCEPT
    -A INPUT -p tcp -m iprange --dst-range 69.67.176.131-69.73.186.199 -j REJECT --reject-with icmp-port-unreachable
    -A INPUT -p tcp -m iprange --src-range 69.67.176.131-69.73.186.199 -j REJECT --reject-with icmp-port-unreachable
    -A INPUT -s 38.121.108.165 -j DROP
    -A INPUT -s 38.121.108.166 -j DROP
    -A INPUT -s 65.71.85.21 -j DROP
    -A INPUT -s 65.71.85.22 -j DROP
    -A FORWARD -p tcp -m iprange --dst-range 68.63.156.161-68.63.156.199 -j REJECT --reject-with icmp-port-unreachable
    -A FORWARD -p tcp -m tcp --dport 5222 -j REJECT --reject-with icmp-port-unreachable
    -A FORWARD -p tcp -m tcp --dport 5333 -j REJECT --reject-with icmp-port-unreachable
    -A FORWARD -p tcp -m tcp --dport 5223 -j REJECT --reject-with icmp-port-unreachable
    -A FORWARD -s 192.168.10.0/255.255.255.0 -d 74.135.165.125 -p tcp -j DROP
    -A FORWARD -d 209.45.239.167 -p tcp -m tcp --dport 443 -j REJECT --reject-with icmp-port-unreachable
    -A FORWARD -d 76.114.203.125 -p tcp -m tcp --dport 443 -j REJECT --reject-with icmp-port-unreachable
    -A FORWARD -d 289.65.137.128 -p tcp -m tcp --dport 443 -j REJECT --reject-with icmp-port-unreachable
    -A FORWARD -d 74.135.65.129 -p tcp -m tcp --dport 443 -j REJECT --reject-with icmp-port-unreachable
    -A FORWARD -d 44.175.95.125 -p tcp -m tcp --dport 443 -j REJECT --reject-with icmp-port-unreachable
    -A FORWARD -d 74.125.145.15 -p tcp -m tcp --dport 443 -j REJECT --reject-with icmp-port-unreachable
    -A FORWARD -d 89.125.57.185 -p tcp -m tcp --dport 443 -j REJECT --reject-with icmp-port-unreachable
    -A FORWARD -d 74.185.93.145 -p tcp -m tcp --dport 443 -j REJECT --reject-with icmp-port-unreachable
    -A FORWARD -d 74.15.45.135 -p tcp -m tcp --dport 443 -j REJECT --reject-with icmp-port-unreachable
    -A FORWARD -d 208.85.143.118 -p tcp -m tcp --dport 443 -j REJECT --reject-with icmp-port-unreachable
    -A FORWARD -d 209.35.13.129 -p tcp -m tcp --dport 80 -j REJECT --reject-with icmp-port-unreachable
    -A OUTPUT -p tcp -m iprange --dst-range 66.63.146.161-66.63.146.199 -j REJECT --reject-with icmp-port-unreachable
    COMMIT
    # Completed on Tue Dec 18 17:17:56 2012


    Thanks
    Lakhan

  4. #4
    Just Joined!
    Join Date
    Feb 2013
    Posts
    4
    Hi All,

    I have seen that when I am uploading from FTP it is working well but once I tried with browser connection getting reset. I am not getting any error at the end, Is there any kind of blocking or session time out on squid/dansguardian/iptables? which is reseting the connection.

    Please please please give your suggestions and ideas.

    Thanks

    Lakhan

  5. #5
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Is this firewall on the device that is directly connected to the internet? I am hoping you will say no but I fear this is your internet firewall.

    Your firewall is what we call Firewall Hell. It has no structure and is Hell to troubleshoot

    You need to start using interface -i so that rules apply to one direction. Presently your rules apply to all interfaces in every direction. I believe this is why you are having the issues you are having.

    I am currently at work but when I get home tonight I'll go over your rules and get this sorted out.

    I need to know what intoerface is connected to the inside and what is connected to the outside. Also if the proxy is on this box or another one.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  6. #6
    Just Joined!
    Join Date
    Feb 2013
    Posts
    4
    Hi Robart,

    Thanks a lot for your reply. Please find the ans. of your questions.

    Is this firewall on the device that is directly connected to the internet? : Unfortunately Yes. It is setup earlier, I dont have any idea about that setup.

    I have three interfaces:
    Eth0: Local network (192.168.10.0)
    Eth1: Backup Internet Link
    Eth2: Primary Internet Link


    Also if the proxy is on this box or another one. : Proxy also on same box

    Kindly help me out I am really struggling with this. Your suggestions will be precious for me.

    Thanks

    Lakhan

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •