[mythtv-users] Re: atprms.net unreachable? (ip blocking)

Axel Thimm Axel.Thimm at ATrpms.net
Tue Jun 14 20:28:57 UTC 2005


Please, before anyone else sends me his private IP address: ATrpms
currently moves 1TB/day, I cannot browse the logs for any failed
connection out there.

Avoid using anything that will penalize the server more than
required. If yum does indeed fire up several connections w/o closing
them, please don't use it. I just tested apt and smart and they don't
open nearly as many connections.

On Tue, Jun 14, 2005 at 08:48:33PM +0200, Axel Thimm wrote:
> On Tue, Jun 14, 2005 at 01:44:36PM -0400, Scott wrote:
> > On Jun 14, 2005, at 11:10 AM, Axel Thimm wrote:
> > >The server blocks any IP that connects more than a dozen times at the
> > >same moment (DoS and "download accelerators").
> > 
> > A good feature for internet facing servers but can it be tweaked? I  
> > think the yum client in FC4 along with some casual browsing is  
> > triggering IP blocks. Also, yum tends to connect and disconnect  
> > several times during a transaction which may be affecting things on  
> > your end.
> 
> Disconnecting and reconnecting is OK, the script only checks for >= 20
> *concurrent* connections. If yum really behaves improperly, please use
> apt.
> 
> > If you want to check your logs look for the IP 66.57.80.76 between  
> > 13:00 and 14:00 ET
> 
> If it was blocked it won't reach the logs anymore. I reset the host list.
> 
> > You most likely don't hear this enough, thanks for the help and the  
> > atrpms.net service.
> 
> Thanks!
> 
> If anyone has a better idea of how to deal with this, here is the
> scriptlet used for checking (/etc/rc.local contains the actual
> firewalling):
> 
> while /bin/true; do
> /bin/cp -a /etc/blockedhosts /etc/blockedhosts.old
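> # count port-80 connections per remote IP; queue IPs with >= 20 for blocking
> netstat -pan | grep '160\.45\.32\.[0-9]*:80' | awk '{print $5}' | awk -F: '{print $1}' | sort | uniq -c | sort -n \
>  | awk '$1 >= 20 {print $2}' >> /etc/blockedhosts
> # -u without -n: a numeric sort treats IPs sharing a leading "a.b" as duplicates
> sort -u < /etc/blockedhosts | grep -vf /etc/whitelist > /etc/blockedhosts.new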
> mv -f /etc/blockedhosts.new /etc/blockedhosts
> /etc/rc.local
> #diff -ud /etc/blockedhosts.old /etc/blockedhosts
> sleep 30
> done


-- 
Axel.Thimm at ATrpms.net
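
A variant of the concurrent-connection check from the quoted script, as an added example that is not part of the original message and not ATrpms code: it compares the per-IP count numerically against the 20-connection threshold, counts only ESTABLISHED sockets so that closed connections lingering in TIME_WAIT are ignored, and treats whitelist entries as exact addresses. The function names, the whitelist handling and the sample netstat lines (documentation-range IPs) are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: per-IP concurrent connection check (not the ATrpms script).
THRESHOLD=20                                  # ">= 20 concurrent", per the thread
LOCAL_RE='^160[.]45[.]32[.][0-9]+:80$'        # local address range from the quoted script

# over_limit WHITELIST < netstat-output
# Prints "count ip" for each remote IP with >= THRESHOLD established
# connections to the local web port, skipping exact whitelist matches.
over_limit() {
    awk -v limit="$THRESHOLD" -v local_re="$LOCAL_RE" -v wl="$1" '
        BEGIN { while ((getline ip < wl) > 0) if (ip != "") white[ip] = 1 }
        # netstat -an TCP columns: proto recv-q send-q local foreign state
        $1 ~ /^tcp/ && $4 ~ local_re && $6 == "ESTABLISHED" {
            ip = $5; sub(/:[0-9]+$/, "", ip); count[ip]++
        }
        END {
            for (ip in count)
                if (count[ip] >= limit && !(ip in white)) print count[ip], ip
        }' | sort -k1,1nr -k2,2
}

# emit N IP STATE: print N constructed netstat lines for one remote IP.
emit() {
    n=0
    while [ "$n" -lt "$1" ]; do
        echo "tcp 0 0 160.45.32.10:80 $2:$((40000 + n)) $3 1234/httpd"
        n=$((n + 1))
    done
}

# Constructed sample (documentation-range addresses, not real clients).
sample_netstat() {
    emit 25  192.0.2.7     ESTABLISHED   # over the limit
    emit 150 198.51.100.9  ESTABLISHED   # three-digit count starting with 1
    emit 19  198.51.100.77 ESTABLISHED   # just under the limit
    emit 5   203.0.113.5   ESTABLISHED   # client that reconnects a lot:
    emit 30  203.0.113.5   TIME_WAIT     #   closed sockets are not counted
    emit 40  192.0.2.50    ESTABLISHED   # over the limit but whitelisted
}

WL=$(mktemp) && echo 192.0.2.50 > "$WL"
sample_netstat | over_limit "$WL"
rm -f "$WL"
```
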