TCP IN Blocked

upsforum

• July 12, 2016 09:55

A user have problem with ftp connection, firewall block your ip but CSF or mod security not return problems or messages, this is log (I tried and with my connection work fine):
Jul 12 16:02:51 ssd3 pure-ftpd: (?@user.ip.xxx.xxx) [INFO] New connection from user.ip.xxx.xxx Jul 12 16:02:51 ssd3 pure-ftpd: (?@user.ip.xxx.xxx) [INFO] SSL/TLS: Enabled TLSv1/SSLv3 with ECDHE-RSA-AES128-GCM-SHA256, 128 secret bits cipher Jul 12 16:02:52 ssd3 pure-ftpd: (?@user.ip.xxx.xxx) [INFO] imxcyczb is now logged in Jul 12 16:02:52 ssd3 kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:50:56:3c:4f:fa:00:08:e3:ff:fd:90:08:00 SRC=user.ip.xxx.xxx DST=193.37.152.142 LEN=52 TOS=0x00 PREC=0x00 TTL=118 ID=7759 DF PROTO=TCP SPT=50334 DPT=44319 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 12 16:02:55 ssd3 kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:50:56:3c:4f:fa:00:08:e3:ff:fd:90:08:00 SRC=user.ip.xxx.xxx DST=193.37.152.142 LEN=52 TOS=0x00 PREC=0x00 TTL=118 ID=7763 DF PROTO=TCP SPT=50334 DPT=44319 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 12 16:03:01 ssd3 kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:50:56:3c:4f:fa:00:08:e3:ff:fd:90:08:00 SRC=user.ip.xxx.xxx DST=193.37.152.142 LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=7772 DF PROTO=TCP SPT=50334 DPT=44319 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 12 16:03:12 ssd3 pure-ftpd: (?@user.ip.xxx.xxx) [INFO] New connection from user.ip.xxx.xxx Jul 12 16:03:13 ssd3 pure-ftpd: (?@user.ip.xxx.xxx) [INFO] SSL/TLS: Enabled TLSv1/SSLv3 with ECDHE-RSA-AES128-GCM-SHA256, 128 secret bits cipher Jul 12 16:03:13 ssd3 pure-ftpd: (?@user.ip.xxx.xxx) [INFO] imxcyczb is now logged in Jul 12 16:03:14 ssd3 kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:50:56:3c:4f:fa:00:08:e3:ff:fd:90:08:00 SRC=user.ip.xxx.xxx DST=193.37.152.142 LEN=52 TOS=0x00 PREC=0x00 TTL=118 ID=7815 DF PROTO=TCP SPT=50338 DPT=28100 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 12 16:03:17 ssd3 kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:50:56:3c:4f:fa:00:08:e3:ff:fd:90:08:00 SRC=user.ip.xxx.xxx DST=193.37.152.142 LEN=52 TOS=0x00 PREC=0x00 TTL=118 ID=7824 DF PROTO=TCP SPT=50338 DPT=28100 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 12 16:03:23 ssd3 kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:50:56:3c:4f:fa:00:08:e3:ff:fd:90:08:00 SRC=user.ip.xxx.xxx DST=193.37.152.142 LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=7835 DF PROTO=TCP SPT=50338 DPT=28100 WINDOW=65535 RES=0x00 SYN URGP=0

• 

  cPanelMichael

  • July 12, 2016 15:56

  Hello, Is passive FTP enabled on this system, and if so, for which ports? Ensure you follow the instructions on the following document to ensure your firewall is not blocking passive FTP connections: How to Enable FTP Passive Mode - cPanel Knowledge Base - cPanel Documentation Thank you.

  0

Please sign in to leave a comment.