[mythtv-users] Re: atprms.net unreachable? (ip blocking)

Axel Thimm Axel.Thimm at ATrpms.net
Wed Jun 15 01:18:16 UTC 2005


On Tue, Jun 14, 2005 at 05:37:57PM -0700, Kenneth Hadley wrote:
> Axel,
> 
> How often is the blocking cleared?

Not really often. I think I cleared it twice since the release.

> I've been blocked for about a bit over a day now

Certainly has been cleared in the last 24h. What have you been doing?
Is it yum again?

> and I'm rather amazed that it appears at least half a dozen (or more)
> people are having this problem.

Half a dozen is vanishingly small if you compare to the total unique
client accesses per day. On normal days it's between 10-20K. I haven't
checked yet for the unique connects since the release of FC4, but I
guess they will be much higher.

> Axel Thimm wrote:
> 
> >On Tue, Jun 14, 2005 at 01:44:36PM -0400, Scott wrote:
> >
> >>On Jun 14, 2005, at 11:10 AM, Axel Thimm wrote:
> >>
> >>>The server blocks any IP that connects more than a dozen times at the
> >>>same moment (DoS and "download accelerators").
> >>>
> >>A good feature for internet facing servers but can it be tweaked? I
> >>think the yum client in FC4 along with some casual browsing is
> >>triggering IP blocks. Also, yum tends to connect and disconnect
> >>several times during a transaction which may be affecting things on
> >>your end.
> >>
> >
> >Disconnecting and reconnecting is OK, the script only checks for >= 20
> >*concurrent* connections. If yum really behaves improperly, please use
> >apt.
> >
> >>If you want to check your logs look for the IP 66.57.80.76 between
> >>13:00 and 14:00 ET
> >>
> >
> >If it was blocked it won't reach the logs anymore. I reset the host list.
> >
> >>You most likely don't hear this enough, thanks for the help and the
> >>atrpms.net service.
> >>
> >
> >Thanks!
> >
> >If anyone has a better idea of how to deal with this, here is the
> >scriptlet used for checking (/etc/rc.local contains the actual
> >firewalling):
> >
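> >while /bin/true; do
> ># keep the previous list for the (disabled) diff below
> >/bin/cp -a /etc/blockedhosts /etc/blockedhosts.old
> ># count connections per remote IP on port 80; append every IP with >= 20
> ># (numeric test: a digit pattern such as [2-9][0-9][0-9]* skips 100-199)
> >netstat -pan | grep '160\.45\.32\.[0-9]*:80' | awk '{print $5}' | awk -F: '{print $1}' | sort | uniq -c \
> > | awk '$1 >= 20 {print $2}' >> /etc/blockedhosts
> ># de-duplicate with plain -u (with -n, addresses sharing a leading number
> ># compare as equal and get merged), then drop whitelisted hosts
> >sort -u < /etc/blockedhosts | grep -vf /etc/whitelist > /etc/blockedhosts.new
> >mv -f /etc/blockedhosts.new /etc/blockedhosts
> ># re-apply the firewall rules
> >/etc/rc.local
> >#diff -ud /etc/blockedhosts.old /etc/blockedhosts
> >sleep 30
> >done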
> >
> >_______________________________________________
> >mythtv-users mailing list
> >mythtv-users at mythtv.org
> >http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users

-- 
Axel.Thimm at ATrpms.net
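
The per-IP concurrent-connection check discussed in this message, split into functions that can be run against sample input before being pointed at a live firewall. This is an added example, not part of the original message or of the ATrpms setup. The function names, the port argument, the exact-match whitelist and all sample addresses are assumptions.

```shell
#!/bin/sh
# Added example, not the ATrpms script. Function names, the port argument,
# the exact-match whitelist and all sample addresses are assumptions.

# over_limit MIN PORT: read `netstat -an` style lines on stdin and print each
# remote IPv4 address holding at least MIN connections to local port PORT.
over_limit() {
    awk -v min="$1" -v port="$2" '
        $1 == "tcp" && $6 != "LISTEN" && $4 ~ (":" port "$") {
            ip = $5
            sub(/:[0-9]+$/, "", ip)   # strip the remote port
            n[ip]++
        }
        END { for (ip in n) if (n[ip] >= min + 0) print ip }
    ' | sort
}

# merge_blocklist BLOCKFILE WHITELIST: merge new offenders (stdin) into the
# existing list. sort -u compares whole strings, so distinct addresses stay
# distinct; grep -vxF drops only exact whitelist entries.
merge_blocklist() {
    { cat "$1"; cat; } | sort -u | grep -vxFf "$2" || [ "$?" -eq 1 ]
}

# emit COUNT IP: COUNT constructed connection lines from IP to 192.0.2.10:80.
emit() {
    i=0
    while [ "$i" -lt "$1" ]; do
        echo "tcp 0 0 192.0.2.10:80 $2:$((40000 + i)) ESTABLISHED"
        i=$((i + 1))
    done
}

# Constructed sample: one client just under the limit, three at or above it.
sample_netstat() {
    echo "tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN"
    emit 19 198.51.100.7
    emit 20 198.51.100.8
    emit 150 203.0.113.5
    emit 25 203.0.113.9
}

sample_netstat | over_limit 20 80
```

The sample includes a client with 150 connections and blocklist entries that differ only in the last octet, the two cases where digit-pattern matching and numeric sorting give wrong results.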