The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

IP block

Discussion in 'General Discussion' started by rootuser, Mar 21, 2005.

  1. rootuser

    rootuser Well-Known Member

    Joined:
    Jan 31, 2005
    Messages:
    124
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    ***INDIA***
    Everyday user's from a particular isp are not able to access websites from one of my pariticular server, the same problem is presisting some other user's in the same server(I mean they also belong to some other ISP).Apf is installed , but in apf ip block file( /etc/apf/deny_hostrules) is empty.Same client have accounts in our some other server,those all are working fine .Any idea's :)
     
    #1 rootuser, Mar 21, 2005
    Last edited: Mar 22, 2005
  2. brentp

    brentp Well-Known Member

    Joined:
    Mar 11, 2004
    Messages:
    324
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Ayr, North Queensland, Australia
    Grammar, might want to tune up on that. Check iptables, or the users .htaccess files.

    Regards,
    Brent
     
  3. rootuser

    rootuser Well-Known Member

    Joined:
    Jan 31, 2005
    Messages:
    124
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    ***INDIA***
    sorry for bad my bad english , but brent this is nothing related to .htaccess file,may be it is related to iptables but it's configuration is same as other server's, but no problem for that servers .

    No ip's are blocked, but they are not able to view there websites(From other location's site's are ok)
     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    It could simply be a peering problem between your server and that ISP. Your datacenter might be able to help determine where the problem is. I would suggest that you:

    1. Get a client with the problem to run traceroute from their PC to your server to see where the packets fail.

    2. To check the ip address in iptables do the following (where 11.22.33.44 is their IP address):

    iptables -L -n | grep 11.22.33.44

    There are two files that you have to check with APF: the deny file that you mentioned; /etc/apf/ad/ad.rules as well if you have anti-dos suppor enabled and configured for APF.
     
  5. rootuser

    rootuser Well-Known Member

    Joined:
    Jan 31, 2005
    Messages:
    124
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    ***INDIA***
    Thank's chirpy , in this server we are disabled all the anti-dos and dshield rules, but again and again they are not able to accccess websites.If i trun off apf and iptables all are working fine .
     
  6. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    That is certainly odd, but I have had reports from clients with similar issues and they had to remove APF. You could still use a static iptables firewall and there are many tutorials and scripts available that can help with that if you check on google.
     
  7. FWC

    FWC Well-Known Member

    Joined:
    May 13, 2002
    Messages:
    354
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Ontario, Canada
    If you are blocking reserved or private networks you might want to check those lists. Make sure reserved.networks is up to date.
     
  8. rootuser

    rootuser Well-Known Member

    Joined:
    Jan 31, 2005
    Messages:
    124
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    ***INDIA***
    where this file is??(reserved.networks)Thanks !!
     
  9. FWC

    FWC Well-Known Member

    Joined:
    May 13, 2002
    Messages:
    354
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Ontario, Canada
    /etc/apf/internals/reserved.networks

    It neeeds to be updated when IANA releases new blocks.
     
  10. rootuser

    rootuser Well-Known Member

    Joined:
    Jan 31, 2005
    Messages:
    124
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    ***INDIA***
    Thanks FWC!!!
     
Loading...

Share This Page