Outbound connection problem

[InteractM]

It looks like somehow cPanel start to drop most of outbound connections. I can upload to the sever over FTP connection but when I try to update cPanel or do wget it doesn't let me download anything on the server. An example:

[email protected] [~]# wget --output-document=/dev/null http://speedtest.wdc01.softlayer.com/downloads/test500.zip
--2013-06-04 09:51:22--  http://speedtest.wdc01.softlayer.com/downloads/test500.zip
Resolving speedtest.wdc01.softlayer.com... 208.43.102.250
Connecting to speedtest.wdc01.softlayer.com|208.43.102.250|:80... connected.
HTTP request sent, awaiting response...

and it is stuck :\

Any clue what is going on?

Thanks

 

[cPanelMichael]

Hello

Have you checked to make sure there are no third-party firewall rules or custom IPTables rules in place that could be restricting the downloads from remote servers?

Thank you.

 

[InteractM]

iptables:

# Generated by iptables-save v1.4.7 on Wed Apr 24 21:22:07 2013
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [532:33201]
:OUTPUT ACCEPT [532:33201]
COMMIT
# Completed on Wed Apr 24 21:22:07 2013
# Generated by iptables-save v1.4.7 on Wed Apr 24 21:22:07 2013
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:acctboth - [0:0]
:cP-Firewall-1-INPUT - [0:0]
-A INPUT -j cP-Firewall-1-INPUT
-A INPUT -j acctboth
-A FORWARD -j cP-Firewall-1-INPUT
-A OUTPUT -j acctboth
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 993 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2078 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2082 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2077 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 26 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 143 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 995 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2086 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2087 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2095 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 465 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2096 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2083 -j ACCEPT
-A cP-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
COMMIT
# Completed on Wed Apr 24 21:22:07 2013

 

[cPanelMichael]

It's also possible there is a download restriction at the network level. Have you provided this information to your data center to see if they are blocking or filtering any type of traffic? The issue you have reported would not typically be related to the cPanel software.

Thank you.

 

[InteractM]

Well, I have second server on same line and there is no restrictions on both. It happens suddenly and I'm not sure if it was related to last cPanel update on that server.

Is there any way to force system updates first and then cPanel updates? I'm looking for something to execute from a command line.

Thanks

 

[cPanelMichael]

It's very possible that your data center has restricted access on just your server or IP block. There is no functionality in cPanel that will restrict outgoing traffic. You can update your system packages via "yum update", but I do not foresee that helping resolve this issue. I highly advise consulting with your data center to see why outbound connections are not working properly.

Thank you.

 

[InteractM]

Well, I have try to connect another server to that IP to check if there are any limitations from the data center side.

 

[cPanelMichael]

If you have disabled your IPTables firewall rules and the issue persists, your best option is to consult with your data center. It's not uncommon for data centers to filter traffic from one server in a location, and not filter traffic on another server.

Thank you.

 

[InteractM]

I have moved that server to different connection and IP - problem still exists.

 

[cPanelMichael]

Could you open a support ticket so we can investigate and rule out any issues with the cPanel software?

Submit A Ticket

Please post the ticket number here so we can keep this thread updated.

Thank you.