[BlueOnyx:12008] Re: Blocked IP - locked myself out

Greg Kuhnert gkuhnert at compassnetworks.com.au
Tue Jan 15 22:31:05 -05 2013


On 16/01/2013, at 11:48 AM, Gerald Waugh <gwaugh at frontstreetnetworks.com> wrote:

> On 01/15/2013 06:38 PM, Brian wrote:
>> 
>> I am following up on this problem. It turns out, the server blocks my IP every day. Here is my process. 
>> 
>> --------------clear iptables-------------------
>> iptables --list (I get pages and pages of rules - one includes my IP address)
>> iptables --flush (temporary clear of rules)
>> service iptables save (saves blank rules to /etc/sysconfig/iptables )
>> service iptables stop
>> service iptables start
>> iptables --list (check rules again after restart and everything is blank - good to go)
>> 
>> I can connect to sites, ftp, etc.
>> 
>> Next Day - IP is blocked again. I have to disconnect from the network, set up my cell as a wi-fi hotspot. Connect to the cell wi-fi (to get an unblocked IP), run putty and clean the iptables again.
>> 
>> Next Day - Blocked again.
>> 
>> How are old rules getting reloaded?
> 
> a SWAG
> Are you running dfix?
> Seems like I remember you removed dfix?
> Check your cron directories
>    ls /etc/cron* | grep dfix
> 
> Maybe Greg will chime in, if dfix is a problem

To analyse this specific problem - we'd need to see the output of iptables --list to find out where your IP is listed. DFIX uses a custom chain so it's easy to see if it's DFIX blocking you.

Another general suggestion for all server admins - Log in to your admin mailbox... If DFIX is blocking you, there will be a cron email in your admin inbox. If denyhosts is blocking you - there will be an email in your inbox.

Regards,
Greg.
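
The check Greg describes (finding which chain lists the address) can be done mechanically. The following is an added example, not part of the original thread or of DFIX: it reads rules in `iptables -S` / `iptables-save` format and lists every DROP or REJECT rule whose source match covers a given address. The function name, the chain name `EXAMPLE-BLOCKLIST` and all addresses are constructed placeholders, since the thread does not name the DFIX chain.

```shell
#!/bin/sh
# Constructed sample in `iptables -S` format. Chain names and addresses are
# placeholders; the thread does not give the name of the DFIX chain.
SAMPLE_RULES='-P INPUT ACCEPT
-N EXAMPLE-BLOCKLIST
-A INPUT -j EXAMPLE-BLOCKLIST
-A INPUT -s 198.51.100.0/24 -j ACCEPT
-A EXAMPLE-BLOCKLIST -s 203.0.113.7/32 -j DROP
-A EXAMPLE-BLOCKLIST -s 192.0.2.0/24 -j DROP
-A INPUT -s 203.0.113.0/28 -p tcp -m tcp --dport 22 -j REJECT --reject-with icmp-port-unreachable'

# find_blocking_rules IP
# Reads rules on stdin and prints "CHAIN TARGET SOURCE" for each DROP or
# REJECT rule whose -s match covers IP. Rules without -s, negated matches
# ("! -s") and jumps to other chains are not reported.
# Exit status 2 means IP was not a dotted-quad IPv4 address.
find_blocking_rules() {
    awk -v ip="$1" '
    # Dotted quad to integer; -1 if the text is not four octets.
    function ip2int(a,   o) {
        if (split(a, o, ".") != 4) return -1
        return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    BEGIN { want = ip2int(ip); if (want < 0) exit 2 }
    $1 == "-A" {
        src = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-s" && $(i - 1) != "!") src = $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        if (src == "" || (target != "DROP" && target != "REJECT")) next
        n = split(src, p, "/")
        bits = (n == 2) ? p[2] : 32
        net = ip2int(p[1]); if (net < 0) next
        # size = number of addresses in the block; handles /24 and the
        # /255.255.255.0 netmask form that iptables also accepts.
        size = (bits ~ /\./) ? 4294967296 - ip2int(bits) : 2 ^ (32 - bits)
        if (int(want / size) == int(net / size))
            print $2, target, src
    }'
}

# Which rules in the sample would block 203.0.113.7?
printf '%s\n' "$SAMPLE_RULES" | find_blocking_rules 203.0.113.7
```

On a server, pipe the live rules in as root, for example `iptables -S | find_blocking_rules 203.0.113.7` with your own address; a hit in a custom chain points at the tool that owns that chain.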


