Okay I finally made it through my kernel recompile with iptables 1.2.7a in
there, and it seems to be working (I can do a #iptables -L and it lists my
default chains) but there's about a 10-second delay with anything
network-related now. When I ssh to the box, it used to come up immediately,
now there's the delay. When I lynx to a site, delay. When I ping, I get
useful info, then a delay.
The is the output of a simple ping apple.com:
PING apple.com (18.104.22.168) from 10.1.1.8 : 56(84) bytes of data.
WARNING: failed to install socket filter
: Protocol not available
64 bytes from apple.com (22.214.171.124): icmp_seq=1 ttl=51 time=49.8 ms
64 bytes from apple.com (126.96.36.199): icmp_seq=2 ttl=51 time=50.5 ms
64 bytes from apple.com (188.8.131.52): icmp_seq=3 ttl=51 time=56.7 ms
64 bytes from apple.com (184.108.40.206): icmp_seq=4 ttl=51 time=58.8 ms
--- apple.com ping statistics ---
4 packets transmitted, 4 received, 0% loss, time 15398ms
rtt min/avg/max/mdev = 49.835/53.987/58.830/3.877 ms
Notice the time 15398ms... It comes up after a couple seconds with the
WARNING, then delays about 5 seconds, then spits out the ping info slowly,
even though the return times may be under 10ms.
So what's up with the failing to install socket filter stuff? What did I do
to my kernel? :-)
Machine info: RH 7.3 on a Dell PE 350, with a newly compiled 2.4.19 kernel
and compiled iptables 1.2.7a (tried 1.2.6a with same results). I have
completely removed ipchains.
If anyone wants to see my kernel config file, or some of the flags from it,