It's taken me some time to narrow down what's going on here. At first I thought outgoing video was being blocked altogether but it turns out that is not the case.
I have a quad core 3GHz PC with 8GB of RAM, with Kubuntu 12.04, running iptables, acting as my firewall/router. Eth1 connects to the bresnanoptimumcharter modem, where I have an 18/2 connection. Eth0 connects to a 100mb, unmanaged switch. From there are two wireless routers acting as straight-up access points, at either end of the house. The problem occurs whether connected via wireless or ethernet. I did however, connect my PC directly to eth0 via ethernet cable, removing the rest of the network, and the problem was still there. When connecting my PC directly to the modem, the problem is gone.
What happens is, I can connect to google hangouts, I can see my own video in the small box at the bottom, I can see other people's video fine but no one can see my video. Chat, audio and plugins all work fine, I just can't send video. This problem is not restricted to just my PC however. I've tried this on every PC in the house, on different google accounts, as well as on my thrive android tablet and two droid razr phones. Always the same, video will not send out. If I remove the droids from the wireless and connect over the 4G, video sends out fine, all is well.
Something else I noticed, when at work, I route all of my browser traffic to my home, through an ssh tunnel and hangouts works flawlessly there, video and audio. That is still going through my firewall and out eth1 on the firewall PC however, the difference is that it's not passing through eth0. I'm not sure how that helps me but I'm sure it's significant.
All this time I thought that outgoing video was being blocked somehow but last night I discovered that what's actually happening is that it's severely lagging. If I join a hangout and wait for a few minutes, a single frame from my webcam will come up on the main screen. Although in the smaller bar at the bottom, where you see everyone's video, mine is showing up at normal speed. What everyone else sees though, is just that one frame. I hope that made sense. So it appears that the video is going through but is extremely laggy.
I've watched top and some monitoring widgets in KDE and while using hangouts, there are no significant spikes in network, CPU or memory usage. They all seem to stay at normal levels. So it seems that something on my firewall is throttling the connection down somehow, or something like that, I'm not really sure. Again, incoming video, from the other hangout participants, works fine. It's just my outgoing video that lags.
Would anyone have any idea where I could look to figure out what's causing this?
Thanks!
Output of 'iptables --list', in case it might be helpful:
I have a quad core 3GHz PC with 8GB of RAM, with Kubuntu 12.04, running iptables, acting as my firewall/router. Eth1 connects to the bresnanoptimumcharter modem, where I have an 18/2 connection. Eth0 connects to a 100mb, unmanaged switch. From there are two wireless routers acting as straight-up access points, at either end of the house. The problem occurs whether connected via wireless or ethernet. I did however, connect my PC directly to eth0 via ethernet cable, removing the rest of the network, and the problem was still there. When connecting my PC directly to the modem, the problem is gone.
What happens is, I can connect to google hangouts, I can see my own video in the small box at the bottom, I can see other people's video fine but no one can see my video. Chat, audio and plugins all work fine, I just can't send video. This problem is not restricted to just my PC however. I've tried this on every PC in the house, on different google accounts, as well as on my thrive android tablet and two droid razr phones. Always the same, video will not send out. If I remove the droids from the wireless and connect over the 4G, video sends out fine, all is well.
Something else I noticed, when at work, I route all of my browser traffic to my home, through an ssh tunnel and hangouts works flawlessly there, video and audio. That is still going through my firewall and out eth1 on the firewall PC however, the difference is that it's not passing through eth0. I'm not sure how that helps me but I'm sure it's significant.
All this time I thought that outgoing video was being blocked somehow but last night I discovered that what's actually happening is that it's severely lagging. If I join a hangout and wait for a few minutes, a single frame from my webcam will come up on the main screen. Although in the smaller bar at the bottom, where you see everyone's video, mine is showing up at normal speed. What everyone else sees though, is just that one frame. I hope that made sense. So it appears that the video is going through but is extremely laggy.
I've watched top and some monitoring widgets in KDE and while using hangouts, there are no significant spikes in network, CPU or memory usage. They all seem to stay at normal levels. So it seems that something on my firewall is throttling the connection down somehow, or something like that, I'm not really sure. Again, incoming video, from the other hangout participants, works fine. It's just my outgoing video that lags.
Would anyone have any idea where I could look to figure out what's causing this?
Thanks!
Output of 'iptables --list', in case it might be helpful:
Code:
Chain INPUT (policy DROP) target prot opt source destination DROP tcp -- anywhere anywhere state NEW recent: UPDATE seconds: 15 name: DEFAULT side: source tcp dpt:ssh ACCEPT tcp -- anywhere anywhere state NEW recent: SET name: DEFAULT side: source tcp dpt:ssh ACCEPT all -- anywhere anywhere bad_packets all -- anywhere anywhere ACCEPT all -- 192.168.58.0/24 anywhere ACCEPT all -- anywhere 192.168.58.255 ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED tcp_inbound tcp -- anywhere anywhere udp_inbound udp -- anywhere anywhere icmp_packets icmp -- anywhere anywhere DROP all -- anywhere anywhere PKTTYPE = broadcast LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level warning prefix "INPUT packet died: " DROP all -- anywhere anywhere state INVALID ACCEPT all -- 192.168.57.0/24 anywhere ACCEPT all -- anywhere 192.168.57.255 ACCEPT all -- 192.168.59.0/24 anywhere ACCEPT all -- anywhere 192.168.59.255 Chain FORWARD (policy DROP) target prot opt source destination bad_packets all -- anywhere anywhere tcp_outbound tcp -- anywhere anywhere udp_outbound udp -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level warning prefix "FORWARD packet died: " ACCEPT all -- anywhere anywhere DROP all -- anywhere anywhere state INVALID tcp_outbound tcp -- anywhere anywhere udp_outbound udp -- anywhere anywhere ACCEPT all -- anywhere anywhere tcp_outbound tcp -- anywhere anywhere udp_outbound udp -- anywhere anywhere ACCEPT all -- anywhere anywhere Chain OUTPUT (policy DROP) target prot opt source destination ACCEPT all -- aragorn anywhere ACCEPT all -- anywhere anywhere ACCEPT all -- home anywhere ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level warning prefix "OUTPUT packet died: " DROP all -- anywhere anywhere state INVALID ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere Chain bad_packets (2 references) target prot opt source destination LOG all -- 192.168.58.0/24 anywhere LOG level warning prefix "Illegal source: " DROP all -- 192.168.58.0/24 anywhere LOG all -- anywhere anywhere state INVALID LOG level info prefix "Invalid packet: " DROP all -- anywhere anywhere state INVALID bad_tcp_packets tcp -- anywhere anywhere RETURN all -- anywhere anywhere Chain bad_tcp_packets (1 references) target prot opt source destination RETURN tcp -- anywhere anywhere LOG tcp -- anywhere anywhere tcpflags:! FIN,SYN,RST,ACK/SYN state NEW LOG level warning prefix "New not syn: " DROP tcp -- anywhere anywhere tcpflags:! FIN,SYN,RST,ACK/SYN state NEW LOG tcp -- anywhere anywhere tcpflags: FIN,SYN,RST,PSH,ACK,URG/NONE LOG level warning prefix "Stealth scan: " DROP tcp -- anywhere anywhere tcpflags: FIN,SYN,RST,PSH,ACK,URG/NONE LOG tcp -- anywhere anywhere tcpflags: FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG LOG level warning prefix "Stealth scan: " DROP tcp -- anywhere anywhere tcpflags: FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG LOG tcp -- anywhere anywhere tcpflags: FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG LOG level warning prefix "Stealth scan: " DROP tcp -- anywhere anywhere tcpflags: FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG LOG tcp -- anywhere anywhere tcpflags: FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,ACK,URG LOG level warning prefix "Stealth scan: " DROP tcp -- anywhere anywhere tcpflags: FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,ACK,URG LOG tcp -- anywhere anywhere tcpflags: SYN,RST/SYN,RST LOG level warning prefix "Stealth scan: " DROP tcp -- anywhere anywhere tcpflags: SYN,RST/SYN,RST LOG tcp -- anywhere anywhere tcpflags: FIN,SYN/FIN,SYN LOG level warning prefix "Stealth scan: " DROP tcp -- anywhere anywhere tcpflags: FIN,SYN/FIN,SYN RETURN tcp -- anywhere anywhere RETURN tcp -- anywhere anywhere RETURN tcp -- anywhere anywhere Chain icmp_packets (1 references) target prot opt source destination LOG icmp -f anywhere anywhere LOG level warning prefix "ICMP Fragment: " ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT icmp -- anywhere anywhere icmp time-exceeded RETURN icmp -- anywhere anywhere Chain tcp_inbound (1 references) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT tcp -- anywhere anywhere tcp dpt:openvpn ACCEPT tcp -- anywhere anywhere tcp dpt:1723 ACCEPT tcp -- anywhere anywhere tcp dpt:3030 ACCEPT tcp -- anywhere anywhere tcp dpt:3031 ACCEPT tcp -- anywhere anywhere tcp dpt:5121 ACCEPT tcp -- anywhere anywhere tcp dpts:xmpp-client:5224 ACCEPT tcp -- anywhere anywhere tcp dpt:5900 ACCEPT tcp -- anywhere anywhere tcp dpt:8000 ACCEPT tcp -- anywhere anywhere tcp dpt:9293 ACCEPT tcp -- anywhere anywhere tcp dpt:9987 ACCEPT tcp -- anywhere anywhere tcp dpt:webmin ACCEPT tcp -- anywhere anywhere tcp dpt:10001 ACCEPT tcp -- anywhere anywhere tcp dpt:10008 ACCEPT tcp -- anywhere anywhere tcp dpt:10009 ACCEPT tcp -- anywhere anywhere tcp dpt:10010 ACCEPT tcp -- anywhere anywhere tcp dpts:10070:amanda ACCEPT tcp -- anywhere anywhere tcp dpts:19305:19309 RETURN tcp -- anywhere anywhere Chain tcp_outbound (3 references) target prot opt source destination ACCEPT tcp -- anywhere anywhere Chain udp_inbound (1 references) target prot opt source destination DROP udp -- anywhere anywhere udp dpt:netbios-ns DROP udp -- anywhere anywhere udp dpt:netbios-dgm ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc ACCEPT udp -- anywhere anywhere udp dpt:https ACCEPT udp -- anywhere anywhere udp dpt:openvpn ACCEPT udp -- anywhere anywhere udp dpt:1723 ACCEPT udp -- anywhere anywhere udp dpt:3030 ACCEPT udp -- anywhere anywhere udp dpts:3478:3479 ACCEPT udp -- anywhere anywhere udp dpt:3658 ACCEPT udp -- anywhere anywhere udp dpt:10070 ACCEPT udp -- anywhere anywhere udp dpt:5121 ACCEPT udp -- anywhere anywhere udp dpts:xmpp-client:5224 ACCEPT udp -- anywhere anywhere udp dpt:8000 ACCEPT udp -- anywhere anywhere udp dpt:9987 ACCEPT udp -- anywhere anywhere udp dpt:10000 ACCEPT udp -- anywhere anywhere udp dpt:10001 ACCEPT udp -- anywhere anywhere udp dpt:10008 ACCEPT udp -- anywhere anywhere udp dpt:10009 ACCEPT udp -- anywhere anywhere udp dpt:10010 ACCEPT udp -- anywhere anywhere udp dpts:19305:19309 RETURN udp -- anywhere anywhere Chain udp_outbound (3 references) target prot opt source destination ACCEPT udp -- anywhere anywhere
Comment