iptables does something weird following suspend [found workaround]

I wrote a script to set up a simple firewall, as follows:

Code:

    # Flush the tables
    /usr/sbin/iptables -F

    # Deny everything by default
    /usr/sbin/iptables -P INPUT DROP
    /usr/sbin/iptables -P FORWARD DROP
    /usr/sbin/iptables -P OUTPUT DROP

    # Allow established and related inputs
    /usr/sbin/iptables -A INPUT -m conntrack \
        --ctstate ESTABLISHED,RELATED -j ACCEPT

    # Allow DNS (UDP) outbound
    /usr/sbin/iptables -A OUTPUT -p udp --dport 53 -j ACCEPT

    # Allow ICMP outbound
    /usr/sbin/iptables -A OUTPUT -p icmp -j ACCEPT

    # Allow various TCP stuff
    /usr/sbin/iptables -A OUTPUT -p tcp -m multiport \
        --dports 21,22,53,80,443,6881:6999 -j ACCEPT

I set it up to run on boot, and three weird things now happen on resuming from suspend:

1. Getting an IP address through DHCP on my home network takes about 30+ seconds
2. During those 30 seconds, Wicd's GUI is unresponsive
3. When 'iptables --list' is invoked, it shows the last line (the one with the outbound TCP rules) twice

Running the script again cuts all that short, and restores everything to normal. What did I do wrong here?

Update: Found a workaround using acpid. Instead of invoking pm-suspend, I suspend directly with 'echo mem > /sys/power/state'. This is fine since I was already using acpid, rather than a power manager.
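
A check for the third symptom, as an added example that is not part of the original post: it reads `iptables -S` output and reports any rule that appears more than once in a chain, which is easier to spot after a resume than by reading `iptables --list`. The function names `find_duplicate_rules` and `sample_ruleset` are made up here, and the sample ruleset is constructed to mirror the script above.

```shell
#!/bin/sh
# Added example: report rules that occur more than once in `iptables -S` output.

# Print "<count><TAB><rule>" for every appended rule seen more than once.
# Reads `iptables -S` format on stdin; -P (policy) and -N lines are ignored.
# The chain name is part of each "-A CHAIN ..." line, so the same match in
# two different chains is not reported as a duplicate.
find_duplicate_rules() {
    awk '
        /^-A / {
            if (count[$0]++ == 0) order[++n] = $0   # remember first-seen order
        }
        END {
            for (i = 1; i <= n; i++)
                if (count[order[i]] > 1)
                    printf "%d\t%s\n", count[order[i]], order[i]
        }
    '
}

# Constructed sample: what `iptables -S` could look like for the ruleset in
# the post once the outbound TCP rule has been appended a second time.
sample_ruleset() {
    cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p icmp -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 21,22,53,80,443,6881:6999 -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 21,22,53,80,443,6881:6999 -j ACCEPT
EOF
}

# Offline demonstration on the constructed sample.
sample_ruleset | find_duplicate_rules

# On a live system (as root): iptables -S | find_duplicate_rules
```

Empty output means no chain holds the same rule twice.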