| Summary: | KSplash hangs for 2 minutes after first login with iptables rules | ||
|---|---|---|---|
| Product: | [Unmaintained] ksplash | Reporter: | vcp85658 |
| Component: | general | Assignee: | Plasma Bugs List <plasma-bugs-null> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | kde, kde, nate |
| Priority: | NOR | ||
| Version First Reported In: | 5.27.11 | ||
| Target Milestone: | --- | ||
| Platform: | Kubuntu | ||
| OS: | Linux | ||
| Latest Commit: | Version Fixed/Implemented In: | ||
| Sentry Crash Report: | |||
| Attachments: |
journalctl with iptables on
journalctl without iptables rules |
||
Created attachment 175655 [details]
journalctl without iptables rules
I suspect this is a case of misconfiguration and that the following lines are related to it:
> After=systemd-sysctl.service
> Before=sysinit.target
> WantedBy=multi-user.target" > /etc/systemd/system/iptables.service
But I'm not knowledgeable enough on the subject to say for certain.
After several tests, I was able to finally find a solution. I just added the following rule to fix the issue: ip6tables -A INPUT -i l0 -j ACCEPT |
Created attachment 175654 [details] journalctl with iptables on Hello, after doing a fresh install of KUbuntu 24.04.1, I am experiencing an issue after submitting my password on the login screen which might be connected to SDDM or KSplash, I'm not sure. After submitting my password, my screen becomes black and I can only move the mouse cursor. I have to wait between 2 and 3 minutes until something times out, and then the desktop shows up. If I disable the iptables service, or enable it without the rules, everything is working fine, my desktop shows up right after I submit my password. Hence, I suspect that the issue is related to my iptables configuration but I cannot find why. In addition, I don't have the problem with Kubuntu 22.04 nor with Ubuntu 24.01 with Gnome. This weird behavior appears after I run a script which add some iptables rules: #!/bin/bash echo "#!/bin/bash iptables -F iptables -P INPUT DROP iptables -N LOG_DROP iptables -A LOG_DROP -j LOG --log-prefix '[IPTABLES DROP] : ' iptables -A LOG_DROP -j DROP iptables -N LOG_ACCEPT iptables -A LOG_ACCEPT -j LOG --log-prefix '[IPTABLES ACCEPT] : ' iptables -A LOG_ACCEPT -j ACCEPT ip6tables -N LOG_ACCEPT ip6tables -A LOG_ACCEPT -j LOG --log-prefix '[IPTABLES ACCEPT] : ' ip6tables -A LOG_ACCEPT -j ACCEPT iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j LOG_ACCEPT iptables -A INPUT -j LOG_DROP iptables -A FORWARD -j LOG_DROP ip6tables -F INPUT ip6tables -F OUTPUT ip6tables -F FORWARD ip6tables -F # Allow ICMP #ip6tables -A INPUT -p icmpv6 -j ACCEPT ip6tables -A INPUT -m state --state ESTABLISHED,RELATED -j LOG_ACCEPT ip6tables -P INPUT DROP" > /etc/init.d/firewall chmod +x /etc/init.d/firewall #update-rc.d firewall defaults #/etc/init.d/firewall echo "[Unit] Description=Packet Filtering Framework DefaultDependencies=no After=systemd-sysctl.service Before=sysinit.target [Service] Type=oneshot ExecStart=/etc/init.d/firewall ExecReload=/etc/init.d/firewall ExecStop=/etc/init.d/firewall RemainAfterExit=yes [Install] WantedBy=multi-user.target" > /etc/systemd/system/iptables.service systemctl enable iptables systemctl start iptables