| View previous topic :: View next topic |
| Author |
Message |
Tomsen
n00b
Joined: 26 Feb 2005
Posts: 63
Location: Denmark
|
 Posted: Tue Aug 29, 2006 2:10 pm Post subject: server blocked my ip, unblock how?[SOLVED, solution unknown] |
 |
|
I've been lucky enough to get a gentoo box at a company, but when i was doing last minute configuration through ssh. Then it stopped responding and i couldn't get in contact with the server, but everyone else can. So i think my server blocked my ip, so how do i unblock it?
Ps. I got ssh access through an other server.
_________________
Don't ever argue with an idiot, he will bring you down to his level and beat you with exprience
Last edited by Tomsen on Tue Aug 29, 2006 8:27 pm; edited 1 time in total |
|
| Back to top |
|
 |
tony
n00b
Joined: 03 Aug 2006
Posts: 43
Location: Frederick, MD
|
| Posted: Tue Aug 29, 2006 2:23 pm Post subject: |
|
|
| Do you have iptables set up on this box? If so can you show what chains you have set up? The two that may be important can be accessed by doing an iptables -L and iptables -t nat -L. |
|
| Back to top |
|
|
Tomsen
n00b
Joined: 26 Feb 2005
Posts: 63
Location: Denmark
|
| Posted: Tue Aug 29, 2006 3:29 pm Post subject: Don't think iptables is to blame |
|
|
I do have iptables installed, but it's only that one ip that can't connect to the server.
here is the output of iptables -L
| Code: |
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:10000
ACCEPT tcp -- anywhere anywhere tcp dpt:27005
ACCEPT tcp -- anywhere anywhere tcp dpt:27012
ACCEPT tcp -- anywhere anywhere tcp dpt:27015
ACCEPT tcp -- anywhere anywhere tcp dpt:27016
ACCEPT udp -- anywhere anywhere udp dpt:1200
ACCEPT udp -- anywhere anywhere udp dpt:27015
ACCEPT udp -- anywhere anywhere udp dpt:27016
ACCEPT udp -- anywhere anywhere udp dpt:8768
ACCEPT udp -- anywhere anywhere udp dpt:51234
ACCEPT tcp -- anywhere anywhere tcp dpt:14534
ACCEPT udp -- anywhere anywhere udp dpt:8767
DROP all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
|
and the firewall doesn't have the ability to use nat, så the last command gives:
| Code: |
FATAL: Module ip_tables not found.
iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
|
_________________
Don't ever argue with an idiot, he will bring you down to his level and beat you with exprience |
|
| Back to top |
|
|
msalerno
Veteran
Joined: 17 Dec 2002
Posts: 1338
Location: Sweating in South Florida
|
| Posted: Tue Aug 29, 2006 3:36 pm Post subject: |
|
|
Are you using portsentry or some other kind of filtering daemon?
Have you disabled iptables and try to reconnect?
Are you sure it's being blocked on your system? Could it be something on the corporate network or ISP?
Are the other systems you CAN connect from on the same network? Using the same external IP (via nat)?
With the limited information supplied, that all I can suggest. |
|
| Back to top |
|
|
Tomsen
n00b
Joined: 26 Feb 2005
Posts: 63
Location: Denmark
|
| Posted: Tue Aug 29, 2006 4:30 pm Post subject: |
|
|
Well i've never tried this before so i gave the information that i though was needed 
I'm not using any kind of filtering daemon, i have tried to disable iptables, but that didn't help.
My server is outside of any firewall in the company, it's connected directly to an ISP, so could be the ISP, but why should they want to block the ip, i was only using ssh ?
I can't check if computers on the same network as the server can connect, but that shouldn't be interesting to know, mostly because it is meant to be remote controlled at all time.
From other computers i can connect just fine.
_________________
Don't ever argue with an idiot, he will bring you down to his level and beat you with exprience |
|
| Back to top |
|
|
msalerno
Veteran
Joined: 17 Dec 2002
Posts: 1338
Location: Sweating in South Florida
|
| Posted: Tue Aug 29, 2006 5:13 pm Post subject: |
|
|
Sometimes if you do port scans or other activity that would look fishy to an ISP, they might block you.
To see your external IP address from a nat'd workstation, visit http://whatsmyip.net/ |
|
| Back to top |
|
|
Tomsen
n00b
Joined: 26 Feb 2005
Posts: 63
Location: Denmark
|
| Posted: Tue Aug 29, 2006 8:26 pm Post subject: problem gone |
|
|
Well i don't know how and why there isn't a problem any more  Didn't restart any of the machines, routers or switches. But it's all working again. So i'm a happy server admin again 
_________________
Don't ever argue with an idiot, he will bring you down to his level and beat you with exprience |
|
| Back to top |
|
|
|
Networking & Security
