inetpro | . | 07:58 |
---|---|---|
chesedo | I'm having a weird issue that some network guys might be able to figure | 11:27 |
chesedo | I have been trying to solve a problem relating to connection to my public IP which seems to just get blocked... | 11:28 |
chesedo | and have a server that i rent in DE which i am trying to use to debug this... | 11:28 |
chesedo | but i lost my connection to the DE server which have happened before and logged into the web interface to see if it is stil up | 11:29 |
chesedo | From the web interface in is up and i can start a virtual console from there... | 11:30 |
chesedo | now in the virtual console i can ping 8.8.8.8 and what not except for for public ip | 11:31 |
chesedo | and the same from my lappy which is on the other side of the public ip (expect for being able to react the DE server) | 11:32 |
chesedo | So i ran a traceroute (using mtr) on both... | 11:32 |
chesedo | From my public ip (which is 41.168.11.36) the in uses 41.168.11.1 and then 41.160.0.245 which then looses the connection some 15 hops later... | 11:34 |
chesedo | but from the DE server it reaches 41.160.0.244 (not 245) after about 15 hops with the next hop being undetermined... | 11:35 |
chesedo | so it seem that some arp (or other) issue exists on the 41.160.0.0/24 network? | 11:37 |
chesedo | oh that should be routing issue, but then i now also spotted that there are a few addresses in the route that differ but are in the same subset (assuming /32) | 12:10 |
Cryterion_ | chesedo, are you trying to access a local machine from outside the public ip? | 16:10 |
=== Cryterion_ is now known as Cryterion | ||
Cryterion | . | 18:03 |
chesedo | Cryterion: the public ip has port forwards to a local machine yes - which is the original issue i'm trying to sort - but then the complete connection to the public ip (pings) went down as described above | 18:44 |
chesedo | or the shh connection from me (behind the public ip) to the DE server so that i can fix the original issue | 18:46 |
Cryterion | DE server is the one at 41.168.11.36? | 18:50 |
chesedo | no that's my public ip | 18:51 |
chesedo | DE is 185.172.59.164 | 18:51 |
Cryterion | ping and ssh went through fine, although I can't login as don't have user acc | 18:52 |
chesedo | that the thing, using a third ip I can get to both | 18:53 |
chesedo | but they cannot get to each other | 18:53 |
Cryterion | I'm reading this as, you can't connect from behind the 41 ip? | 18:54 |
chesedo | well i can get to the DE server via a web interface of the provider | 18:54 |
Cryterion | but not ssh | 18:54 |
chesedo | yes, and using the web interface i cannot get to 41 either | 18:55 |
chesedo | not even pings | 18:55 |
chesedo | that is a virtual terminal in the web ui | 18:55 |
Cryterion | does the server have any ip banning configured, I know mines setup to ban 24hrs on ssh fail | 18:56 |
chesedo | no, but the providers might | 18:57 |
chesedo | i did an nmap scan from the DE to the 41 just before it went down | 18:58 |
chesedo | well, it went down during... | 18:58 |
Cryterion | can you get into terminal via the web based ui | 18:58 |
chesedo | yes | 18:59 |
chesedo | it is just slow | 18:59 |
Cryterion | chk if you have iptables running | 19:00 |
Cryterion | you'll need to be root | 19:00 |
chesedo | waiting for the ui... | 19:01 |
Cryterion | sudo iptables - that will let us know if it's installed | 19:01 |
chesedo | yip v1.6.0 | 19:02 |
Cryterion | sudo service iptables stop | 19:02 |
Cryterion | that'll stop the ip banning, try ssh afterwards | 19:02 |
Cryterion | I hope, just trying things out to help | 19:03 |
chesedo | hmm, 'failed to stop.... unit iptables.servie not loaded' | 19:04 |
Cryterion | hmm | 19:04 |
chesedo | nat table is empty | 19:04 |
chesedo | now checking filters... | 19:04 |
Cryterion | ok so if that's not running, gonna check a few things, brb | 19:05 |
chesedo | filter table is empty too | 19:06 |
Cryterion | other one is FailToBan | 19:07 |
chesedo | hmm, the DE server is only a mail server with nginx for webmail | 19:08 |
Cryterion | check in /etc/ if you have a fail2ban dir | 19:09 |
chesedo | ...modoboa to be specific | 19:09 |
Cryterion | I used iRedMail, so mines different | 19:10 |
Cryterion | but looking it up | 19:10 |
chesedo | nope, no fail2ban dir | 19:10 |
Cryterion | I'm trying to find out which one your mail system is using modoboa looks like a python based mail server | 19:12 |
chesedo | yes it is py based | 19:12 |
Cryterion | chesedo, join #modoboa | 19:16 |
chesedo | ty Cryterion did so... | 19:17 |
Cryterion | I'm transfering our chat there, that seems to right channel for it, if we can't come right together, someone else there could help | 19:19 |
chesedo | yip... | 19:19 |
chesedo | although i think this might have happened in the past - i just took it as the server being down - so am thinking that it might also be a service provider located... | 19:20 |
chesedo | might have to email my isp tomorrow | 19:21 |
chesedo | btw, ty Cryterion for the help so far | 19:23 |
Cryterion | np | 19:24 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!