Subject: Routing mystery
Author: Artūras Šlajus
Date: 2009-01-06 21:58:31
Hi :)

I currently have this strange problem that sprang up out of nowhere, and I'm 
wondering whether to yell at the ISP or not :)

Recently the connection to some foreign sites disappeared (e.g. digg.com, some 
Yahoo servers). The funniest part is that if I turn off the firewall 
(iptables 1.4.1.1), i.e. flush all the rules, the connection from localhost 
comes back. I can browse with links.

But if you add 1 rule:

iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -j MASQUERADE
(or SNAT, there's no difference)

bam! After 3-5 seconds the connection to those pages disappears. The others fly along normally.

Those 3-5 seconds make me think that the ISP is to blame here.

+ another thing, if I also throw in this one:

iptables -t nat -I POSTROUTING -s 192.168.0.0/16 -j DROP

then those 3-5 seconds pass and the connection to digg.com comes back again :))
It feels like the ISP is filtering in some mystical way.

Best of all, if there is a rule set like this:

# Generated by iptables-save v1.4.1.1 on Tue Jan  6 21:56:58 2009
*nat
:PREROUTING ACCEPT [1150:96504]
:POSTROUTING ACCEPT [45:2631]
:OUTPUT ACCEPT [14:885]
-A POSTROUTING -s 192.168.0.0/16 -o eth1 -j DROP
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
# Completed on Tue Jan  6 21:56:58 2009
# Generated by iptables-save v1.4.1.1 on Tue Jan  6 21:56:58 2009
*mangle
:PREROUTING ACCEPT [73852:60657760]
:INPUT ACCEPT [830:108703]
:FORWARD ACCEPT [72989:60539679]
:OUTPUT ACCEPT [808:91421]
:POSTROUTING ACCEPT [73797:60631100]
COMMIT
# Completed on Tue Jan  6 21:56:58 2009
# Generated by iptables-save v1.4.1.1 on Tue Jan  6 21:56:58 2009
*filter
:INPUT ACCEPT [830:108703]
:FORWARD ACCEPT [72992:60539811]
:OUTPUT ACCEPT [808:91421]
COMMIT
# Completed on Tue Jan  6 21:56:58 2009

then digg.com also flies along from localhost :)

Does anyone have any ideas what makes digg and yahoo so mystically special, and 
what is going on here at all? :)