Hi there,
i'm running E-smith 5.5 as a gateway on a ADSL connection. When playing starcraft via battle.net, i do get a connection, but this is too slow too play normally, although bandwidth looks ok, latency is very bad.
I seem to get a lot of masquerading connections when connected to battle.net (see output below)
Does anyone have an idea what could be the problem here?
Thanks,
Yogi
Ipchains output:
=====================
# ipchains -M -L
IP masquerading entries
prot expire source destination ports
UDP 09:38.47 192.168.1.65 213.248.106.204 6112 (61887) -> 6112
UDP 02:30.31 192.168.1.65 h163n2fls35o836.telia.com 6112 (61905) -> 6112
UDP 01:18.31 192.168.1.65 225.72.3.213.dial.bluewin.ch 6112 (61898) -> 15799
UDP 01:09.19 192.168.1.65 metalwolf.dabs.net 6112 (61896) -> 1044
UDP 02:18.36 192.168.1.65 ARouen-106-1-17-151.abo.wanadoo.fr 6112 (61904) -> 6112
UDP 01:54.36 192.168.1.65 lns-th2-3-81-56-29-152.adsl.proxad.net 6112 (61902) -> 6112
UDP 01:42.35 192.168.1.65 ca-tours-3-251.abo.wanadoo.fr 6112 (61901) -> 6112
UDP 01:30.32 192.168.1.65 mp-216-50-250.daxnet.no 6112 (61900) -> 6112
UDP 01:18.31 192.168.1.65 m250.net81-66-108.noos.fr 6112 (61897) -> 6112
UDP 02:06.32 192.168.1.65 kbl-gs13912.zeelandnet.nl 6112 (61903) -> 6112
UDP 01:09.17 192.168.1.65 cc250736-b.eelde1.dr.home.nl 6112 (61895) -> 6112
UDP 01:18.32 192.168.1.65 81.220.212.237 6112 (61899) -> 1028
output of my ipchains:
# ipchains -L
Chain input (policy DENY):
target prot opt source destination ports
icmpIn icmp ------ anywhere anywhere any -> any
ACCEPT all ------ anywhere anywhere n/a
denylog tcp ------ anywhere anywhere 0:chargen -> any
denylog udp ------ anywhere anywhere 0:chargen -> any
denylog tcp ------ anywhere anywhere any -> 0:chargen
denylog udp ------ anywhere anywhere any -> 0:chargen
DENY all ------ BASE-ADDRESS.MCAST.NET/4 anywhere n/a
DENY all ------ anywhere BASE-ADDRESS.MCAST.NET/4 n/a
ACCEPT tcp ------ anywhere 10.0.0.150 any -> 6112
ACCEPT udp ------ anywhere 10.0.0.150 any -> 6112
ACCEPT tcp ------ anywhere localhost any -> www
ACCEPT tcp ------ anywhere mydomain any -> www
ACCEPT tcp ------ anywhere 10.0.0.150 any -> www
REDIRECT tcp ------ 192.168.1.0/24 anywhere any -> www => squid
ACCEPT all ------ 192.168.1.0/24 anywhere n/a
ACCEPT tcp !y---- anywhere anywhere any -> any
ACCEPT tcp ------ anywhere 10.0.0.150 any -> auth
ACCEPT udp ------ anywhere 10.0.0.150 any -> 113
ACCEPT udp ------ anywhere anywhere bootps:bootpc -> any
ACCEPT tcp ------ anywhere 10.0.0.150 any -> www
ACCEPT tcp ------ anywhere 10.0.0.150 any -> https
ACCEPT tcp ------ anywhere 10.0.0.150 any -> imaps
ACCEPT ipv6-crypt------ anywhere 10.0.0.150 n/a
ACCEPT udp ------ anywhere 10.0.0.150 500 -> 500
ACCEPT tcp ------ anywhere 10.0.0.150 any -> ldap
ACCEPT udp ------ fistix.xs4all.nl anywhere any -> ntp
ACCEPT tcp ------ anywhere 10.0.0.150 any -> pop3s
ACCEPT gre ------ anywhere 10.0.0.150 n/a
ACCEPT tcp ------ anywhere 10.0.0.150 any -> smtp
ACCEPT tcp ------ anywhere 10.0.0.150 any -> ssh
ACCEPT tcp ------ anywhere 10.0.0.150 any -> smtps
denylog tcp -y---- anywhere 10.0.0.150 any -> mysql
DENY udp ------ anywhere anywhere any -> route
DENY tcp ------ anywhere anywhere any -> netbios-ns:netbios-ssn
DENY udp ------ anywhere anywhere any -> netbios-ns:netbios-ssn
denylog tcp -y---- anywhere 10.0.0.150 any -> squid
ACCEPT tcp -y---- anywhere 10.0.0.150 ftp-data -> 1024:65535
ACCEPT tcp ------ anywhere anywhere any -> 1024:65535
ACCEPT udp ------ anywhere anywhere any -> 1024:65535
denylog all ------ anywhere anywhere n/a
Chain forward (policy DENY):
target prot opt source destination ports
ACCEPT all ------ 192.168.1.0/24 192.168.1.0/24 n/a
ACCEPT all ------ 192.168.1.0/24 192.168.1.0/24 n/a
MASQ all ------ 192.168.1.0/24 anywhere n/a
DENY all ------ anywhere anywhere n/a
Chain output (policy ACCEPT):
target prot opt source destination ports
icmpOut icmp ------ anywhere anywhere any -> any
- tcp ------ anywhere anywhere any -> www
- tcp ------ anywhere anywhere any -> ssh
- tcp ------ anywhere anywhere any -> telnet
- tcp ------ anywhere anywhere any -> ftp
- tcp ------ anywhere anywhere any -> pop3
- tcp ------ anywhere anywhere any -> smtp
- tcp ------ anywhere anywhere any -> ftp-data
ACCEPT all ------ anywhere anywhere n/a
DENY all ------ BASE-ADDRESS.MCAST.NET/4 anywhere n/a
DENY all ------ anywhere BASE-ADDRESS.MCAST.NET/4 n/a
ACCEPT tcp !y---- 10.0.0.150 anywhere 6112 -> any
ACCEPT icmp ------ 192.168.1.0/24 anywhere any -> any
ACCEPT all ------ anywhere 192.168.1.0/24 n/a
ACCEPT tcp !y---- 10.0.0.150 anywhere www -> any
ACCEPT tcp !y---- 10.0.0.150 anywhere https -> any
ACCEPT tcp !y---- 10.0.0.150 anywhere imaps -> any
ACCEPT tcp !y---- 10.0.0.150 anywhere ldap -> any
ACCEPT tcp !y---- 10.0.0.150 anywhere pop3s -> any
ACCEPT tcp !y---- 10.0.0.150 anywhere smtp -> any
ACCEPT tcp !y---- 10.0.0.150 anywhere ssh -> any
ACCEPT tcp !y---- 10.0.0.150 anywhere smtps -> any
ACCEPT all ------ anywhere anywhere n/a
Chain denylog (9 references):
target prot opt source destination ports
DENY all ------ anywhere anywhere n/a
Chain icmpIn (1 references):
target prot opt source destination ports
ACCEPT icmp ------ anywhere anywhere echo-reply
ACCEPT icmp ------ anywhere anywhere destination-unreachable
ACCEPT icmp ------ anywhere anywhere source-quench
ACCEPT icmp ------ anywhere anywhere time-exceeded
ACCEPT icmp ------ anywhere anywhere parameter-problem
ACCEPT icmp ------ anywhere anywhere echo-request
ACCEPT icmp ------ 192.168.1.0/24 anywhere any -> any
denylog all ------ anywhere anywhere n/a
Chain icmpOut (1 references):
target prot opt source destination ports
ACCEPT icmp ------ anywhere anywhere echo-request
ACCEPT icmp ------ anywhere anywhere echo-reply
ACCEPT icmp ------ anywhere anywhere destination-unreachable
ACCEPT icmp ------ anywhere anywhere source-quench
ACCEPT icmp ------ anywhere anywhere time-exceeded
ACCEPT icmp ------ anywhere anywhere parameter-problem
denylog all ------ anywhere anywhere n/a
1 Replies
661 Views