Friday, February 15, 2013

iptables slow down http and https

With:

-P INPUT DROP
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT

Websites on the server will response very slowly.

But if you add:

 -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

 Websites will response fast as usual.

0 comments:

Post a Comment