Unblock webserver IP

mauinet

• February 15, 2015 19:56

One of our servers IP is blocked from another of our servers. It is not blocked in iptables or in the routing table. We usc configserver's csf to manage the firewall. It appears that the IP was blocked by csf. It also does not appear in lfd.log. cpHulk is disabled. Neither server can ping the other. What else could be blocking the IP? BTW, I have checked both servers for a block. Thanks, Tony R

• 

  Eric

  • February 16, 2015 02:05

  Howdy, CSF's files in /etc/csf are plain text. You should be able to do a grep in that folder to find them. Also tcptraceroute is your very best friend in these sorts of situations. I hate tracking something down only to have someone else block it. Thanks!

  0
• 

  mauinet

  • February 16, 2015 02:35

  Hello, Thanks for the reply. I have grepped for the IP in /etc/csf and /var/log and in just /etc, not found. If I traceroute to the IP, it just shows stars, not even one hop showing. TonyR

  ]Howdy, CSF's files in /etc/csf are plain text. You should be able to do a grep in that folder to find them. Also tcptraceroute is your very best friend in these sorts of situations. I hate tracking something down only to have someone else block it. Thanks!

  
  

  0
• 

  Eric

  • February 16, 2015 03:24

  Howdy, That's strange, are they in the same network block? Thanks!

  0
• 

  mauinet

  • February 16, 2015 05:10

  Not in the same block but in the same data center so not many hops away. TR

  ]Howdy, That's strange, are they in the same network block? Thanks!

  
  

  0
• 

  keat63

  • February 16, 2015 08:31

  is CSF blocking anything in either of the same subnets ? Maybe a router in the data center for instance. I guess you could temporarily disable CSF on both servers ?

  0
• 

  24x7server

  • February 16, 2015 10:57

  Hello, Yes, May be there is network issues between your servers, You will have to discuss this with your server provider. Also I will suggest you take traceroute report from your both server and forward that your DC so that they will check this for you.

  0
• 

  mauinet

  • February 16, 2015 16:52

  I think it may have been an external issue in the network. This morning, there was no longer a block. It would be nice to know what happened though. Thanks for the suggestions, TonyR

  ]Hello, Yes, May be there is network issues between your servers, You will have to discuss this with your server provider. Also I will suggest you take traceroute report from your both server and forward that your DC so that they will check this for you.

  
  

  0

Please sign in to leave a comment.