QUOTE (mitt)
I have received notice that a couple of users can't view any of the sites hosted on my box. I have looked in my firewall rules (apf) and can't find a block on the IP from one of the users. I had the user test my other box with the same rules and they could access it fine. If I disable the firewall then the user can access the box. The problem didn't start until a week ago and I have not modified anything in the firewall prior to when the user started having the problem. Any suggestions? It has to be in the firewall but I can't figure out where or how.
Well, have you looked in /etc/apf/deny* for the user's IP?
Are you on any blocked lists? E.g., your user's ISP is blocking access to your box?
Are the people who are blocked using the same ISP? E.g., all using Comcast?
Are you using VNET? If so, disable it in conf.apf.
Are you blocking Private and Reserved networks in conf.apf?
Have you checked your log for that IP? What does your /var/log/messages log say? Does this IP appear and if so why?
Have you executed /sbin/iptables -L -n | more and looked for the IP in question? Does it appear in the list of blocked IPs? If it does, did you do a flush?
Has the user installed a firewall?
Are you running mod_security? Is this the problem?
Why don't you ask your user to send you a traceroute from their own PC? That will tell you a lot. Start here!
etc
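
The deny-file and iptables checks from the reply above, as an added example that is not part of the original post: searching for the literal IP misses a block that was entered as a CIDR range, so this matches the address against every network in the listing. The sample data, the function names and the one-entry-per-line deny file format are assumptions made for the example.

```python
import ipaddress
import re

# Constructed sample of `iptables -L -n` output (not taken from the thread).
SAMPLE_IPTABLES = """\
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
DROP       all  --  198.51.100.0/24      0.0.0.0/0
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80
REJECT     all  --  203.0.113.7          0.0.0.0/0            reject-with icmp-port-unreachable
"""
# Constructed deny file; assumed format: one address or CIDR per line, '#' comments.
SAMPLE_DENY = "# added by hand\n192.0.2.15\n198.51.100.0/24\n"


def _covers(entry, ip):
    """True if entry (host or CIDR) contains ip; unparsable or catch-all entries give False."""
    try:
        net = ipaddress.ip_network(entry, strict=False)
    except ValueError:
        return False
    # 0.0.0.0/0 rules are skipped: whether they apply depends on rule order.
    return net.prefixlen > 0 and ip in net


def blocking_rules(iptables_text, client_ip):
    """Return (chain, target, source) for DROP/REJECT rules whose source covers client_ip."""
    ip = ipaddress.ip_address(client_ip)
    hits, chain = [], None
    for line in iptables_text.splitlines():
        header = re.match(r"Chain (\S+)", line)
        if header:
            chain = header.group(1)
            continue
        fields = line.split()  # target prot opt source destination ...
        if len(fields) >= 5 and fields[0] in ("DROP", "REJECT") and _covers(fields[3], ip):
            hits.append((chain, fields[0], fields[3]))
    return hits


def deny_entries(deny_text, client_ip):
    """Return deny-file entries (host or CIDR) that cover client_ip."""
    ip = ipaddress.ip_address(client_ip)
    entries = (raw.split("#", 1)[0].strip() for raw in deny_text.splitlines())
    return [e for e in entries if e and _covers(e, ip)]


if __name__ == "__main__":
    for addr in ("198.51.100.23", "203.0.113.7", "192.0.2.99"):
        print(addr, blocking_rules(SAMPLE_IPTABLES, addr), deny_entries(SAMPLE_DENY, addr))
```

On a live box, feed it the real listing and deny files in place of the constructed samples.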