[mythtv-users] Re: atprms.net unreachable? (ip blocking)

Kenneth Hadley khadley at pacbell.net
Wed Jun 15 00:37:57 UTC 2005


Axel,

How often is the blocking cleared?

I've been blocked for about a bit over a day now and I'm rather amazed
that it appears at least half dozen (or more) people are having this
problem.



Axel Thimm wrote:

>On Tue, Jun 14, 2005 at 01:44:36PM -0400, Scott wrote:
>  
>
>>On Jun 14, 2005, at 11:10 AM, Axel Thimm wrote:
>>    
>>
>>>The server blocks any IP that connects more than a dozen time at the
>>>same moment (DoS and "download accellerators").
>>>      
>>>
>>A good feature for internet facing servers but can it be tweeked? I  
>>think the yum client in FC4 along with some casual browsing is  
>>triggering IP blocks. Also, yum tends to connect and disconnect  
>>several times during a transaction which may be affecting things on  
>>your end.
>>    
>>
>
>Disconnecting and reconnecting is OK, the script only checks for >= 20
>*concurrent* connections. If yum really behaves unproper, please use
>apt.
>
>  
>
>>If you want to check your logs look for the IP 66.57.80.76 between  
>>13:00 and 14:00 ET
>>    
>>
>
>If it was blocked it won't reach the logs anymore. I resetted the host list.
>
>  
>
>>You most likely don't hear this enough, thanks for the help and the  
>>atrpms.net service.
>>    
>>
>
>Thanks!
>
>If anyone has a better idea of how to deal with this, here is the
>scriplet used for checking (/etc/rc.local contains the actual
>firewalling):
>
>while /bin/true; do
>/bin/cp -a /etc/blockedhosts /etc/blockedhosts.old
>netstat -pan | grep 160.45.32.[0-9]*:80| awk '{print $5}' | awk -F: '{print $1}' |  sort | uniq -c | sort -n \
> | grep '^ *[2-9][0-9][0-9]* ' | awk '{print $2}' >> /etc/blockedhosts
>sort -nu < /etc/blockedhosts | grep -vf /etc/whitelist > /etc/blockedhosts.new
>mv -f /etc/blockedhosts.new /etc/blockedhosts
>/etc/rc.local
>#diff -ud /etc/blockedhosts.old /etc/blockedhosts
>sleep 30
>done
>
>
>  
>
>------------------------------------------------------------------------
>
>_______________________________________________
>mythtv-users mailing list
>mythtv-users at mythtv.org
>http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
>  
>



More information about the mythtv-users mailing list