
I am trying to build iptables to protect my system. After I save my iptables, I cannot connect to any web page (through browser or wget). Is it perhaps related to DNS? I tried to access http://74.125.71.103, and it won't connect either.

The following are my iptables rules:

#!/bin/bash
# Clear existing rules and user chains in every table
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
# Default policies: drop all input, accept output and forward
iptables -P INPUT DROP
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
# Accept local (loopback) traffic
iptables -A INPUT -i lo -j ACCEPT
# Log to the kernel log (/var/log/syslog here). This rule has no match, so every packet that reaches it is logged, whether it is accepted or dropped later
iptables -A INPUT -j LOG --log-level 4
# Accept ssh connections
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# Accept http connections
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
# Accept ping replies
iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT
# Limit ping requests to one per 2 s (30 per minute, burst 1)
iptables -A INPUT -p icmp --icmp-type echo-request -m limit --limit 30/m --limit-burst 1 -j ACCEPT
# Drop ping requests above that rate
iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
# Create a user-defined chain for SYN-flood protection
iptables -N syn-flood
# While the rate stays under 50/s (burst 10), return to INPUT and keep evaluating...
iptables -A syn-flood -m limit --limit 50/s --limit-burst 10 -j RETURN
# ...otherwise drop the packet
iptables -A syn-flood -j DROP
# Insert the jump at the top of INPUT. Without "-p tcp --syn" it rate-limits every inbound packet, not only SYNs
iptables -I INPUT -j syn-flood

/var/log/syslog

Aug 10 11:47:56 daivd-VirtualBox kernel: [ 6257.401990] IN=eth0 OUT= MAC=08:00:27:6a:eb:c3:10:56:ca:03:de:ac:08:00 SRC=74.125.71.103 DST=10.10.11.40 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=15037 PROTO=TCP SPT=80 DPT=33029 WINDOW=14180 RES=0x00 ACK SYN URGP=0 
Aug 10 11:47:56 daivd-VirtualBox kernel: [ 6257.658071] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:70:56:81:bc:2e:2d:08:00 SRC=10.10.10.242 DST=255.255.255.255 LEN=139 TOS=0x00 PREC=0x00 TTL=64 ID=33713 PROTO=UDP SPT=17500 DPT=17500 LEN=119 
Aug 10 11:47:56 daivd-VirtualBox kernel: [ 6257.658494] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:70:56:81:bc:2e:2d:08:00 SRC=10.10.10.242 DST=10.10.255.255 LEN=139 TOS=0x00 PREC=0x00 TTL=64 ID=20162 PROTO=UDP SPT=17500 DPT=17500 LEN=119 
Aug 10 11:47:57 daivd-VirtualBox kernel: [ 6257.799861] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1f:16:0a:2d:2a:08:00 SRC=10.10.10.222 DST=255.255.255.255 LEN=215 TOS=0x00 PREC=0x00 TTL=128 ID=27336 PROTO=UDP SPT=17500 DPT=17500 LEN=195 
Aug 10 11:47:57 daivd-VirtualBox kernel: [ 6257.802066] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1f:16:0a:2d:2a:08:00 SRC=10.10.10.222 DST=255.255.255.255 LEN=215 TOS=0x00 PREC=0x00 TTL=128 ID=27337 PROTO=UDP SPT=17500 DPT=17500 LEN=195 
Aug 10 11:47:57 daivd-VirtualBox kernel: [ 6257.804386] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1f:16:0a:2d:2a:08:00 SRC=10.10.10.222 DST=10.10.255.255 LEN=215 TOS=0x00 PREC=0x00 TTL=128 ID=27338 PROTO=UDP SPT=17500 DPT=17500 LEN=195 
Aug 10 11:47:58 daivd-VirtualBox kernel: [ 6258.928197] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:25:64:d1:18:64:08:00 SRC=10.10.10.126 DST=255.255.255.255 LEN=340 TOS=0x00 PREC=0x00 TTL=128 ID=29997 PROTO=UDP SPT=58306 DPT=2654 LEN=320 
Aug 10 11:47:58 daivd-VirtualBox kernel: [ 6258.931578] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:25:64:d1:18:64:08:00 SRC=10.10.10.126 DST=255.255.255.255 LEN=349 TOS=0x00 PREC=0x00 TTL=128 ID=29998 PROTO=UDP SPT=58307 DPT=2654 LEN=329 
Aug 10 11:47:58 daivd-VirtualBox kernel: [ 6259.127332] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:25:64:de:73:e7:08:00 SRC=10.10.10.137 DST=10.10.255.255 LEN=68 TOS=0x00 PREC=0x00 TTL=128 ID=19951 PROTO=UDP SPT=65239 DPT=1947 LEN=48 
Aug 10 11:47:58 daivd-VirtualBox kernel: [ 6259.231502] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:78:45:c4:04:10:1d:08:00 SRC=10.10.11.4 DST=255.255.255.255 LEN=156 TOS=0x00 PREC=0x00 TTL=128 ID=181 PROTO=UDP SPT=51641 DPT=10019 LEN=136 
Aug 10 11:47:58 daivd-VirtualBox kernel: [ 6259.349181] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d4:be:d9:eb:05:8c:08:00 SRC=10.10.10.241 DST=10.10.255.255 LEN=140 TOS=0x00 PREC=0x00 TTL=128 ID=14095 PROTO=UDP SPT=17500 DPT=17500 LEN=120 
Aug 10 11:47:59 daivd-VirtualBox kernel: [ 6259.845218] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d4:be:d9:eb:05:8c:08:00 SRC=10.10.10.241 DST=10.10.255.255 LEN=72 TOS=0x00 PREC=0x00 TTL=128 ID=14099 PROTO=UDP SPT=63475 DPT=61117 LEN=52 
Aug 10 11:47:59 daivd-VirtualBox kernel: [ 6260.255308] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:78:45:c4:04:10:1d:08:00 SRC=10.10.11.4 DST=255.255.255.255 LEN=156 TOS=0x00 PREC=0x00 TTL=128 ID=186 PROTO=UDP SPT=61588 DPT=10019 LEN=136 
Aug 10 11:48:00 daivd-VirtualBox kernel: [ 6261.175927] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:78:45:c4:04:10:1d:08:00 SRC=10.10.11.4 DST=255.255.255.255 LEN=156 TOS=0x00 PREC=0x00 TTL=128 ID=189 PROTO=UDP SPT=61591 DPT=10019 LEN=136 
Aug 10 11:48:00 daivd-VirtualBox kernel: [ 6261.585895] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:25:64:d1:17:84:08:00 SRC=10.10.10.150 DST=255.255.255.255 LEN=179 TOS=0x00 PREC=0x00 TTL=128 ID=9256 PROTO=UDP SPT=17500 DPT=17500 LEN=159 
Aug 10 11:48:00 daivd-VirtualBox kernel: [ 6261.591672] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:25:64:d1:17:84:08:00 SRC=10.10.10.150 DST=10.10.255.255 LEN=179 TOS=0x00 PREC=0x00 TTL=128 ID=9257 PROTO=UDP SPT=17500 DPT=17500 LEN=159 
Aug 10 11:48:01 daivd-VirtualBox kernel: [ 6261.898906] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:25:64:d1:18:64:08:00 SRC=10.10.10.126 DST=255.255.255.255 LEN=340 TOS=0x00 PREC=0x00 TTL=128 ID=30004 PROTO=UDP SPT=58308 DPT=2654 LEN=320 
Aug 10 11:48:02 daivd-VirtualBox kernel: [ 6263.225809] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:78:45:c4:04:10:1d:08:00 SRC=10.10.11.4 DST=255.255.255.255 LEN=156 TOS=0x00 PREC=0x00 TTL=128 ID=195 PROTO=UDP SPT=50581 DPT=10019 LEN=136 
Aug 10 11:48:03 daivd-VirtualBox kernel: [ 6264.248651] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:78:45:c4:04:10:1d:08:00 SRC=10.10.11.4 DST=255.255.255.255 LEN=156 TOS=0x00 PREC=0x00 TTL=128 ID=202 PROTO=UDP SPT=51358 DPT=10019 LEN=136 
Aug 10 11:48:04 daivd-VirtualBox kernel: [ 6264.862692] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d4:be:d9:eb:05:8c:08:00 SRC=10.10.10.241 DST=10.10.255.255 LEN=72 TOS=0x00 PREC=0x00 TTL=128 ID=14116 PROTO=UDP SPT=63475 DPT=61117 LEN=52 
Aug 10 11:48:04 daivd-VirtualBox kernel: [ 6264.965751] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:25:64:d1:18:3a:08:00 SRC=10.10.11.6 DST=255.255.255.255 LEN=252 TOS=0x00 PREC=0x00 TTL=128 ID=26137 PROTO=UDP SPT=17500 DPT=17500 LEN=232 
Aug 10 11:48:04 daivd-VirtualBox kernel: [ 6264.968274] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:25:64:d1:18:3a:08:00 SRC=10.10.11.6 DST=10.10.255.255 LEN=252 TOS=0x00 PREC=0x00 TTL=128 ID=26138 PROTO=UDP SPT=17500 DPT=17500 LEN=232 
Aug 10 11:48:04 daivd-VirtualBox kernel: [ 6264.971535] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:25:64:d1:18:64:08:00 SRC=10.10.10.126 DST=255.255.255.255 LEN=340 TOS=0x00 PREC=0x00 TTL=128 ID=30008 PROTO=UDP SPT=58310 DPT=2654 LEN=320 
Aug 10 11:48:05 daivd-VirtualBox kernel: [ 6266.296596] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:78:45:c4:04:10:1d:08:00 SRC=10.10.11.4 DST=255.255.255.255 LEN=156 TOS=0x00 PREC=0x00 TTL=128 ID=204 PROTO=UDP SPT=51364 DPT=10019 LEN=136 
Aug 10 11:48:06 daivd-VirtualBox kernel: [ 6267.217873] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:78:45:c4:04:10:1d:08:00 SRC=10.10.11.4 DST=255.255.255.255 LEN=156 TOS=0x00 PREC=0x00 TTL=128 ID=206 PROTO=UDP SPT=51367 DPT=10019 LEN=136 
Aug 10 11:48:07 daivd-VirtualBox kernel: [ 6268.038646] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:25:64:d1:18:64:08:00 SRC=10.10.10.126 DST=255.255.255.255 LEN=340 TOS=0x00 PREC=0x00 TTL=128 ID=30012 PROTO=UDP SPT=58312 DPT=2654 LEN=320 
Aug 10 11:48:07 daivd-VirtualBox kernel: [ 6268.041875] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:25:64:d1:18:64:08:00 SRC=10.10.10.126 DST=255.255.255.255 LEN=349 TOS=0x00 PREC=0x00 TTL=128 ID=30013 PROTO=UDP SPT=58313 DPT=2654 LEN=329 
Aug 10 11:48:07 daivd-VirtualBox kernel: [ 6268.241592] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:78:45:c4:04:10:1d:08:00 SRC=10.10.11.4 DST=255.255.255.255 LEN=156 TOS=0x00 PREC=0x00 TTL=128 ID=207 PROTO=UDP SPT=51370 DPT=10019 LEN=136 
Aug 10 11:48:09 daivd-VirtualBox kernel: [ 6269.879465] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d4:be:d9:eb:05:8c:08:00 SRC=10.10.10.241 DST=10.10.255.255 LEN=72 TOS=0x00 PREC=0x00 TTL=128 ID=14131 PROTO=UDP SPT=63475 DPT=61117 LEN=52 
Aug 10 11:48:09 daivd-VirtualBox kernel: [ 6270.189338] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:24:1d:76:a7:5f:08:00 SRC=10.10.10.138 DST=255.255.255.255 LEN=324 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=304 
Aug 10 11:48:09 daivd-VirtualBox kernel: [ 6270.292031] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:78:45:c4:04:10:1d:08:00 SRC=10.10.11.4 DST=255.255.255.255 LEN=156 TOS=0x00 PREC=0x00 TTL=128 ID=209 PROTO=UDP SPT=51376 DPT=10019 LEN=136 
Aug 10 11:48:09 daivd-VirtualBox kernel: [ 6270.296862] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:25:64:d1:18:13:08:00 SRC=10.10.10.162 DST=10.10.255.255 LEN=213 TOS=0x00 PREC=0x00 TTL=128 ID=7101 PROTO=UDP SPT=17500 DPT=17500 LEN=193 
Aug 10 11:48:10 daivd-VirtualBox kernel: [ 6271.008001] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:25:64:d1:18:64:08:00 SRC=10.10.10.126 DST=255.255.255.255 LEN=340 TOS=0x00 PREC=0x00 TTL=128 ID=30019 PROTO=UDP SPT=58314 DPT=2654 LEN=320 
Aug 10 11:48:10 daivd-VirtualBox kernel: [ 6271.313573] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:78:45:c4:04:10:1d:08:00 SRC=10.10.11.4 DST=255.255.255.255 LEN=156 TOS=0x00 PREC=0x00 TTL=128 ID=211 PROTO=UDP SPT=51379 DPT=10019 LEN=136 
Aug 10 11:48:11 daivd-VirtualBox kernel: [ 6272.346588] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:78:45:c4:04:10:1d:08:00 SRC=10.10.11.4 DST=255.255.255.255 LEN=156 TOS=0x00 PREC=0x00 TTL=128 ID=214 PROTO=UDP SPT=58513 DPT=10019 LEN=136 
Aug 10 11:48:13 daivd-VirtualBox kernel: [ 6273.978028] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:25:64:d1:18:64:08:00 SRC=10.10.10.126 DST=255.255.255.255 LEN=340 TOS=0x00 PREC=0x00 TTL=128 ID=30022 PROTO=UDP SPT=58316 DPT=2654 LEN=320 
Aug 10 11:48:13 daivd-VirtualBox kernel: [ 6273.981011] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:25:64:d1:18:64:08:00 SRC=10.10.10.126 DST=255.255.255.255 LEN=347 TOS=0x00 PREC=0x00 TTL=128 ID=30023 PROTO=UDP SPT=58317 DPT=2654 LEN=327 
Aug 10 11:48:13 daivd-VirtualBox kernel: [ 6274.283547] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:78:45:c4:04:10:1d:08:00 SRC=10.10.11.4 DST=255.255.255.255 LEN=156 TOS=0x00 PREC=0x00 TTL=128 ID=216 PROTO=UDP SPT=58519 DPT=10019 LEN=136 
Aug 10 11:48:14 daivd-VirtualBox kernel: [ 6274.900480] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d4:be:d9:eb:05:8c:08:00 SRC=10.10.10.241 DST=10.10.255.255 LEN=72 TOS=0x00 PREC=0x00 TTL=128 ID=14151 PROTO=UDP SPT=63475 DPT=61117 LEN=52 
Aug 10 11:48:14 daivd-VirtualBox kernel: [ 6275.205953] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:25:64:de:75:f9:08:00 SRC=10.10.10.173 DST=255.255.255.255 LEN=251 TOS=0x00 PREC=0x00 TTL=128 ID=23940 PROTO=UDP SPT=17500 DPT=17500 LEN=231 
Aug 10 11:48:15 daivd-VirtualBox kernel: [ 6276.331356] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:78:45:c4:04:10:1d:08:00 SRC=10.10.11.4 DST=255.255.255.255 LEN=156 TOS=0x00 PREC=0x00 TTL=128 ID=218 PROTO=UDP SPT=58525 DPT=10019 LEN=136 
Aug 10 11:48:16 daivd-VirtualBox kernel: [ 6277.049930] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:25:64:d1:18:64:08:00 SRC=10.10.10.126 DST=255.255.255.255 LEN=340 TOS=0x00 PREC=0x00 TTL=128 ID=30030 PROTO=UDP SPT=58318 DPT=2654 LEN=320 
Aug 10 11:48:16 daivd-VirtualBox kernel: [ 6277.253796] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:78:45:c4:04:10:1d:08:00 SRC=10.10.11.4 DST=255.255.255.255 LEN=156 TOS=0x00 PREC=0x00 TTL=128 ID=220 PROTO=UDP SPT=58528 DPT=10019 LEN=136 

Any idea why I cannot access the internet?

Additional information: I can ping 74.125.71.103 successfully, but cannot ping www.google.com. Is it related to my problem?

daivd@daivd-VirtualBox:~/Desktop/Script$ ping 74.125.71.103
PING 74.125.71.103 (74.125.71.103) 56(84) bytes of data.
64 bytes from 74.125.71.103: icmp_req=1 ttl=54 time=148 ms
64 bytes from 74.125.71.103: icmp_req=2 ttl=54 time=14.9 ms
64 bytes from 74.125.71.103: icmp_req=3 ttl=54 time=9.37 ms
^C
--- 74.125.71.103 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 9.371/57.686/148.765/64.442 ms
daivd@daivd-VirtualBox:~/Desktop/Script$ ping www.google.com
ping: unknown host www.google.com


You forgot to accept incoming packets on established or related channels. Your request gets out, but the firewall drops the response.
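The script below is an added example, not the original poster's script or the answerer's code. It carries the answer through: the same firewall with the missing state rule added, written as an iptables-restore ruleset so it can be reviewed without root and loaded atomically, plus two helpers. It also goes a little beyond the answer in ways a practitioner would want: the `syn-flood` jump matches only SYN packets instead of every inbound packet, the LOG rule moves to just before the DROP policy (rate-limited and prefixed) so accepted traffic is not logged packet by packet, and the state rule covers the UDP DNS answers whose loss caused the "unknown host" error. The function names (`build_rules`, `apply_rules`, `explain_log_line`) are this example's own; it assumes an iptables with the conntrack match, and `iptables-restore --test` is a syntax check that very old iptables versions lack.

```shell
#!/bin/bash
# Added example (not from the original post): corrected firewall with helpers.
# Assumes iptables with the conntrack match. Run as ./firewall.sh print|apply|explain
set -eu

# Emit the corrected ruleset in iptables-restore format. Emitting text instead of
# running iptables commands one by one lets you review and diff it without root.
build_rules() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:syn-flood - [0:0]
# loopback
-A INPUT -i lo -j ACCEPT
# The rule the original script lacks: replies to traffic this host sent. This
# covers the logged SYN-ACK from port 80, the UDP answers to DNS queries (the
# "unknown host" symptom) and ping replies, so no separate echo-reply rule.
# It sits before LOG so established traffic is not logged packet by packet.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
# Rate-limit new TCP connection attempts only (--syn), not every packet
-A INPUT -p tcp --syn -j syn-flood
-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
# one ping request per 2 s, the rest dropped
-A INPUT -p icmp --icmp-type echo-request -m limit --limit 30/m --limit-burst 1 -j ACCEPT
-A INPUT -p icmp --icmp-type echo-request -j DROP
# Log only what is about to hit the DROP policy, rate-limited and prefixed
-A INPUT -m limit --limit 10/m -j LOG --log-level 4 --log-prefix "iptables-drop: "
-A syn-flood -m limit --limit 50/s --limit-burst 10 -j RETURN
-A syn-flood -j DROP
COMMIT
EOF
}

# Back up the current rules, syntax-check the new ones, then load them atomically.
apply_rules() {
    [ "$(id -u)" -eq 0 ] || { echo "apply_rules: must run as root" >&2; return 1; }
    backup="/root/iptables-$(date +%Y%m%d%H%M%S).bak"
    iptables-save > "$backup"              # roll back with: iptables-restore < "$backup"
    tmp=$(mktemp)
    build_rules > "$tmp"
    iptables-restore --test "$tmp"         # parse only; drop --test on an old iptables without it
    iptables-restore "$tmp"                # replaces the filter table in one step
    rm -f "$tmp"
    iptables -L INPUT -v -n --line-numbers # check order; the conntrack rule's pkts counter grows once you browse
}

# Read netfilter LOG lines on stdin and say what each packet is. A SYN-ACK from
# port 80 is the server's reply to our own outbound connection, which only a
# state rule can accept; the 255.255.255.255 UDP lines are LAN broadcast noise.
explain_log_line() {
    awk '{
        syn = 0; ack = 0; split("", f)
        for (i = 1; i <= NF; i++) {
            if ($i == "SYN") syn = 1
            else if ($i == "ACK") ack = 1
            else if ((p = index($i, "=")) > 0) f[substr($i, 1, p - 1)] = substr($i, p + 1)
        }
        if (f["PROTO"] == "TCP" && syn && ack)
            print "SYN-ACK from " f["SRC"] ":" f["SPT"] " to local port " f["DPT"] ": reply to a connection this host opened, needs an ESTABLISHED rule"
        else if (f["PROTO"] == "TCP" && syn)
            print "new connection attempt from " f["SRC"] " to local port " f["DPT"]
        else if (f["DST"] ~ /\.255$/)
            print "broadcast " f["PROTO"] " from " f["SRC"] " to port " f["DPT"] ": LAN chatter, dropping it is harmless"
        else
            print "other " f["PROTO"] " packet from " f["SRC"] " to local port " f["DPT"]
    }'
}

case "${1:-print}" in
    print)   build_rules ;;       # review the ruleset
    apply)   apply_rules ;;       # load it (root)
    explain) explain_log_line ;;  # e.g. grep 'IN=eth0' /var/log/syslog | ./firewall.sh explain
    *)       echo "usage: $0 [print|apply|explain]" >&2; exit 2 ;;
esac
```

Review with `./firewall.sh print`, load with `sudo ./firewall.sh apply`, then retry `wget -O /dev/null http://74.125.71.103` and `ping www.google.com`; in `iptables -L INPUT -v -n` the pkts counter on the conntrack rule should climb while you browse. Note that iptables-restore with a `*filter` section only replaces the filter table; the original script also flushed nat and mangle, so flush those separately if you rely on that.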
