curl & wget time out

Help! (Home for newbies)
1

Hi,

this is not a real virtualmin thing, but maybe you can help me…

On my server, curl or wget are not able to connect. So sites that need info from other sites just hang until they time out.

Something is writing all the time to iptables (might be fail2ban? as I had to install that when the server was ddos attacked). But I’ll include the output of iptables -L here anyway.

How do I find out what is causing this?

(p.s. in “preview” I see the attachment (iptables.txt) here, but as soon as I hit save and see the real thing I don’t see it. What am I doing wrong?)

2

Howdy,

Well, there aren’t any issues that jump out at me with your firewall rules, though you could always try turning them off if you wanted to troubleshoot.

However, are you by chance running behind a NAT router? Is your server’s primary IP address a private IP, rather than a public IP?

-Eric

3

Here’s the output from iptables-save:

# Generated by iptables-save v1.4.4 on Tue Sep 23 15:54:31 2014 *nat :PREROUTING ACCEPT [9729271:898136247] :POSTROUTING ACCEPT [22077574:1522218922] :OUTPUT ACCEPT [22077574:1522218922] COMMIT # Completed on Tue Sep 23 15:54:31 2014 # Generated by iptables-save v1.4.4 on Tue Sep 23 15:54:31 2014 *mangle :PREROUTING ACCEPT [163470909:30559970773] :INPUT ACCEPT [163052307:30403985471] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [128744720:165135738580] :POSTROUTING ACCEPT [128737603:165135332155] COMMIT # Completed on Tue Sep 23 15:54:31 2014 # Generated by iptables-save v1.4.4 on Tue Sep 23 15:54:31 2014 *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [7117:406425] :ALLOWIN - [0:0] :ALLOWOUT - [0:0] :DENYIN - [0:0] :DENYOUT - [0:0] :INVALID - [0:0] :INVDROP - [0:0] :LOCALINPUT - [0:0] :LOCALOUTPUT - [0:0] :LOGDROPIN - [0:0] :LOGDROPOUT - [0:0] :fail2ban-ssh-ddos - [0:0] -A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh-ddos -A INPUT -p tcp -m state --state NEW -m tcp --dport 20000 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 10000 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 20000 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 10000 -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT -A INPUT -s 213.171.217.173/32 -p udp -m udp --dport 161 -m state --state NEW -j ACCEPT -A INPUT -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT -A INPUT -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT -A INPUT -p udp -m udp --dport 53 -m state --state NEW -j ACCEPT -A INPUT -p tcp -m tcp --dport 53 -m state --state NEW -j ACCEPT -A INPUT -p udp -m udp --dport 69 -m state --state NEW -j ACCEPT -A INPUT -p tcp -m tcp --dport 69 -m state --state NEW -j ACCEPT -A INPUT -p tcp -m tcp --dport 25 -m state --state NEW -j ACCEPT -A INPUT -p tcp -m tcp --dport 110 -m state --state NEW -j ACCEPT -A INPUT -p tcp -m tcp --dport 143 -m state --state NEW -j ACCEPT -A INPUT -p udp -m udp --dport 123 -m state --state NEW -j ACCEPT -A INPUT -p tcp -m tcp --dport 20 -m state --state NEW -j ACCEPT -A INPUT -p tcp -m tcp --dport 21 -m state --state NEW -j ACCEPT -A INPUT -p tcp -m tcp --dport 3306 -m state --state NEW -j ACCEPT -A INPUT -p udp -m udp --dport 3306 -m state --state NEW -j ACCEPT -A INPUT -j DROP -A OUTPUT -o lo -j ACCEPT -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT -A DENYIN -s 185.31.160.158/32 ! -i lo -j DROP -A DENYIN -s 190.210.142.142/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.218/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.211/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.208/32 ! -i lo -j DROP -A DENYIN -s 1.93.33.2/32 ! -i lo -j DROP -A DENYIN -s 108.178.56.14/32 ! -i lo -j DROP -A DENYIN -s 202.165.179.126/32 ! -i lo -j DROP -A DENYIN -s 60.190.71.52/32 ! -i lo -j DROP -A DENYIN -s 148.251.20.110/32 ! -i lo -j DROP -A DENYIN -s 65.126.16.92/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.102/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.214/32 ! -i lo -j DROP -A DENYIN -s 116.10.191.182/32 ! -i lo -j DROP -A DENYIN -s 115.238.111.214/32 ! -i lo -j DROP -A DENYIN -s 61.147.101.110/32 ! -i lo -j DROP -A DENYIN -s 120.209.139.184/32 ! -i lo -j DROP -A DENYIN -s 194.58.88.96/32 ! -i lo -j DROP -A DENYIN -s 79.120.178.197/32 ! -i lo -j DROP -A DENYIN -s 116.10.191.236/32 ! -i lo -j DROP -A DENYIN -s 61.167.49.135/32 ! -i lo -j DROP -A DENYIN -s 116.10.191.177/32 ! -i lo -j DROP -A DENYIN -s 144.0.0.65/32 ! -i lo -j DROP -A DENYIN -s 61.4.83.186/32 ! -i lo -j DROP -A DENYIN -s 192.3.160.77/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.217/32 ! -i lo -j DROP -A DENYIN -s 37.58.99.154/32 ! -i lo -j DROP -A DENYIN -s 115.112.206.171/32 ! -i lo -j DROP -A DENYIN -s 144.0.0.61/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.194/32 ! -i lo -j DROP -A DENYIN -s 60.173.10.95/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.207/32 ! -i lo -j DROP -A DENYIN -s 218.24.113.2/32 ! -i lo -j DROP -A DENYIN -s 61.133.211.118/32 ! -i lo -j DROP -A DENYIN -s 187.237.132.226/32 ! -i lo -j DROP -A DENYIN -s 116.10.191.183/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.114/32 ! -i lo -j DROP -A DENYIN -s 144.0.0.48/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.100/32 ! -i lo -j DROP -A DENYIN -s 47.68.203.61/32 ! -i lo -j DROP -A DENYIN -s 144.0.0.70/32 ! -i lo -j DROP -A DENYIN -s 113.107.233.165/32 ! -i lo -j DROP -A DENYIN -s 42.62.17.250/32 ! -i lo -j DROP -A DENYIN -s 103.20.148.157/32 ! -i lo -j DROP -A DENYIN -s 189.203.240.50/32 ! -i lo -j DROP -A DENYIN -s 1.93.34.213/32 ! -i lo -j DROP -A DENYIN -s 192.69.94.98/32 ! -i lo -j DROP -A DENYIN -s 80.241.46.147/32 ! -i lo -j DROP -A DENYIN -s 203.147.88.202/32 ! -i lo -j DROP -A DENYIN -s 144.0.0.49/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.101/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.237/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.239/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.241/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.238/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.242/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.244/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.245/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.246/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.240/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.243/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.36/32 ! -i lo -j DROP -A DENYIN -s 115.239.248.121/32 ! -i lo -j DROP -A DENYIN -s 220.177.198.40/32 ! -i lo -j DROP -A DENYIN -s 220.177.198.38/32 ! -i lo -j DROP -A DENYIN -s 115.239.248.122/32 ! -i lo -j DROP -A DENYIN -s 220.177.198.24/32 ! -i lo -j DROP -A DENYIN -s 115.239.248.57/32 ! -i lo -j DROP -A DENYIN -s 115.239.248.50/32 ! -i lo -j DROP -A DENYIN -s 115.239.248.51/32 ! -i lo -j DROP -A DENYIN -s 117.21.191.209/32 ! -i lo -j DROP -A DENYIN -s 115.239.248.90/32 ! -i lo -j DROP -A DENYIN -s 220.177.198.93/32 ! -i lo -j DROP -A DENYIN -s 151.237.190.123/32 ! -i lo -j DROP -A DENYIN -s 200.75.106.70/32 ! -i lo -j DROP -A DENYIN -s 176.102.37.57/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.117/32 ! -i lo -j DROP -A DENYIN -s 117.41.182.252/32 ! -i lo -j DROP -A DENYIN -s 69.16.238.6/32 ! -i lo -j DROP -A DENYIN -s 111.74.238.237/32 ! -i lo -j DROP -A DENYIN -s 111.74.238.152/32 ! -i lo -j DROP -A DENYIN -s 111.74.238.151/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.122/32 ! -i lo -j DROP -A DENYIN -s 111.74.239.35/32 ! -i lo -j DROP -A DENYIN -s 202.109.143.18/32 ! -i lo -j DROP -A DENYIN -s 111.74.239.197/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.117/32 ! -i lo -j DROP -A DENYIN -s 202.109.143.5/32 ! -i lo -j DROP -A DENYIN -s 202.109.143.16/32 ! -i lo -j DROP -A DENYIN -s 202.109.143.42/32 ! -i lo -j DROP -A DENYIN -s 202.109.143.53/32 ! -i lo -j DROP -A DENYIN -s 202.109.143.89/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.121/32 ! -i lo -j DROP -A DENYIN -s 202.109.143.56/32 ! -i lo -j DROP -A DENYIN -s 115.239.248.85/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.118/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.119/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.123/32 ! -i lo -j DROP -A DENYIN -s 202.109.143.95/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.115/32 ! -i lo -j DROP -A DENYIN -s 111.74.238.125/32 ! -i lo -j DROP -A DENYIN -s 222.186.58.205/32 ! -i lo -j DROP -A DENYIN -s 222.187.221.152/32 ! -i lo -j DROP -A DENYIN -s 222.186.50.229/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.221/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.116/32 ! -i lo -j DROP -A DENYIN -s 61.174.50.213/32 ! -i lo -j DROP -A DENYIN -s 111.74.238.124/32 ! -i lo -j DROP -A DENYIN -s 222.186.34.114/32 ! -i lo -j DROP -A DENYIN -s 176.42.4.149/32 ! -i lo -j DROP -A DENYIN -s 61.156.8.189/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.195/32 ! -i lo -j DROP -A DENYIN -s 60.173.10.205/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.118/32 ! -i lo -j DROP -A DENYIN -s 219.138.135.56/32 ! -i lo -j DROP -A DENYIN -s 222.186.58.241/32 ! -i lo -j DROP -A DENYIN -s 117.21.173.177/32 ! -i lo -j DROP -A DENYIN -s 117.21.173.179/32 ! -i lo -j DROP -A DENYIN -s 222.186.58.242/32 ! -i lo -j DROP -A DENYIN -s 222.186.51.150/32 ! -i lo -j DROP -A DENYIN -s 222.186.58.10/32 ! -i lo -j DROP -A DENYIN -s 222.186.50.61/32 ! -i lo -j DROP -A DENYIN -s 222.187.220.246/32 ! -i lo -j DROP -A DENYIN -s 218.30.22.119/32 ! -i lo -j DROP -A DENYIN -s 171.35.103.5/32 ! -i lo -j DROP -A DENYIN -s 203.110.169.43/32 ! -i lo -j DROP -A DENYIN -s 82.146.55.80/32 ! -i lo -j DROP -A DENYIN -s 193.107.17.72/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.199/32 ! -i lo -j DROP -A DENYIN -s 117.110.25.97/32 ! -i lo -j DROP -A DENYIN -s 61.183.1.8/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.196/32 ! -i lo -j DROP -A DENYIN -s 222.186.52.160/32 ! -i lo -j DROP -A DENYIN -s 103.27.127.50/32 ! -i lo -j DROP -A DENYIN -s 217.199.227.206/32 ! -i lo -j DROP -A DENYIN -s 61.174.51.215/32 ! -i lo -j DROP -A DENYIN -s 61.167.49.139/32 ! -i lo -j DROP -A DENYIN -s 123.30.214.137/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.206/32 ! -i lo -j DROP -A DENYIN -s 194.168.100.36/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.216/32 ! -i lo -j DROP -A DENYIN -s 221.6.233.62/32 ! -i lo -j DROP -A DENYIN -s 212.129.56.29/32 ! -i lo -j DROP -A DENYIN -s 109.169.41.164/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.200/32 ! -i lo -j DROP -A DENYIN -s 60.173.11.108/32 ! -i lo -j DROP -A DENYIN -s 189.203.240.71/32 ! -i lo -j DROP -A DENYIN -s 122.226.140.158/32 ! -i lo -j DROP -A DENYIN -s 61.174.51.230/32 ! -i lo -j DROP -A DENYIN -s 117.21.173.175/32 ! -i lo -j DROP -A DENYIN -s 61.174.51.212/32 ! -i lo -j DROP -A DENYIN -s 61.174.51.227/32 ! -i lo -j DROP -A DENYIN -s 58.18.172.171/32 ! -i lo -j DROP -A DENYIN -s 213.229.113.27/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.197/32 ! -i lo -j DROP -A DENYIN -s 60.173.11.104/32 ! -i lo -j DROP -A DENYIN -s 218.2.0.132/32 ! -i lo -j DROP -A DENYIN -s 218.6.19.50/32 ! -i lo -j DROP -A DENYIN -s 88.150.239.4/32 ! -i lo -j DROP -A DENYIN -s 60.173.26.163/32 ! -i lo -j DROP -A DENYIN -s 61.174.51.211/32 ! -i lo -j DROP -A DENYIN -s 61.174.51.229/32 ! -i lo -j DROP -A DENYIN -s 144.0.0.35/32 ! -i lo -j DROP -A DENYIN -s 61.174.51.232/32 ! -i lo -j DROP -A DENYIN -s 95.110.224.185/32 ! -i lo -j DROP -A DENYIN -s 50.56.193.15/32 ! -i lo -j DROP -A DENYIN -s 31.199.3.187/32 ! -i lo -j DROP -A DENYIN -s 37.9.53.91/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.110/32 ! -i lo -j DROP -A DENYIN -s 144.0.0.51/32 ! -i lo -j DROP -A DENYIN -s 60.173.10.69/32 ! -i lo -j DROP -A DENYIN -s 115.248.176.229/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.113/32 ! -i lo -j DROP -A DENYIN -s 91.183.69.99/32 ! -i lo -j DROP -A DENYIN -s 222.219.187.9/32 ! -i lo -j DROP -A DENYIN -s 118.244.159.214/32 ! -i lo -j DROP -A DENYIN -s 119.188.7.201/32 ! -i lo -j DROP -A DENYIN -s 123.157.150.57/32 ! -i lo -j DROP -A DENYIN -s 212.7.212.23/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.222/32 ! -i lo -j DROP -A DENYIN -s 61.174.50.216/32 ! -i lo -j DROP -A DENYIN -s 144.0.0.59/32 ! -i lo -j DROP -A DENYIN -s 190.196.209.41/32 ! -i lo -j DROP -A DENYIN -s 61.174.51.234/32 ! -i lo -j DROP -A DENYIN -s 23.102.130.171/32 ! -i lo -j DROP -A DENYIN -s 61.174.50.184/32 ! -i lo -j DROP -A DENYIN -s 112.199.117.198/32 ! -i lo -j DROP -A DENYIN -s 31.181.181.120/32 ! -i lo -j DROP -A DENYIN -s 210.14.69.244/32 ! -i lo -j DROP -A DENYIN -s 122.228.207.76/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.98/32 ! -i lo -j DROP -A DENYIN -s 222.186.52.3/32 ! -i lo -j DROP -A DENYIN -s 218.2.0.125/32 ! -i lo -j DROP -A DENYIN -s 92.44.212.179/32 ! -i lo -j DROP -A DENYIN -s 75.148.216.82/32 ! -i lo -j DROP -A DENYIN -s 219.148.196.154/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.109/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.202/32 ! -i lo -j DROP -A DENYIN -s 211.154.213.117/32 ! -i lo -j DROP -A DENYIN -s 122.225.109.198/32 ! -i lo -j DROP -A DENYOUT -d 185.31.160.158/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 190.210.142.142/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.218/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.211/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.208/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 1.93.33.2/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 108.178.56.14/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 202.165.179.126/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 60.190.71.52/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 148.251.20.110/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 65.126.16.92/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.102/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.214/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 116.10.191.182/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 115.238.111.214/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.147.101.110/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 120.209.139.184/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 194.58.88.96/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 79.120.178.197/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 116.10.191.236/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.167.49.135/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 116.10.191.177/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 144.0.0.65/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.4.83.186/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 192.3.160.77/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.217/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 37.58.99.154/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 115.112.206.171/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 144.0.0.61/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.194/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 60.173.10.95/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.207/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 218.24.113.2/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.133.211.118/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 187.237.132.226/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 116.10.191.183/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.114/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 144.0.0.48/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.100/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 47.68.203.61/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 144.0.0.70/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 113.107.233.165/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 42.62.17.250/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 103.20.148.157/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 189.203.240.50/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 1.93.34.213/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 192.69.94.98/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 80.241.46.147/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 203.147.88.202/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 144.0.0.49/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.101/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.237/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.239/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.241/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.238/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.242/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.244/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.245/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.246/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.240/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.243/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.36/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 115.239.248.121/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 220.177.198.40/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 220.177.198.38/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 115.239.248.122/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 220.177.198.24/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 115.239.248.57/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 115.239.248.50/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 115.239.248.51/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 117.21.191.209/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 115.239.248.90/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 220.177.198.93/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 151.237.190.123/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 200.75.106.70/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 176.102.37.57/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.117/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 117.41.182.252/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 69.16.238.6/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 111.74.238.237/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 111.74.238.152/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 111.74.238.151/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.122/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 111.74.239.35/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 202.109.143.18/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 111.74.239.197/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.117/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 202.109.143.5/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 202.109.143.16/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 202.109.143.42/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 202.109.143.53/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 202.109.143.89/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.121/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 202.109.143.56/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 115.239.248.85/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.118/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.119/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.123/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 202.109.143.95/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.115/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 111.74.238.125/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.58.205/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.187.221.152/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.50.229/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.221/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.116/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.174.50.213/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 111.74.238.124/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.34.114/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 176.42.4.149/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.156.8.189/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.195/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 60.173.10.205/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.118/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 219.138.135.56/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.58.241/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 117.21.173.177/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 117.21.173.179/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.58.242/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.51.150/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.58.10/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.50.61/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.187.220.246/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 218.30.22.119/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 171.35.103.5/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 203.110.169.43/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 82.146.55.80/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 193.107.17.72/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.199/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 117.110.25.97/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.183.1.8/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.196/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.52.160/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 103.27.127.50/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 217.199.227.206/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.174.51.215/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.167.49.139/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 123.30.214.137/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.206/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 194.168.100.36/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.216/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 221.6.233.62/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 212.129.56.29/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 109.169.41.164/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.200/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 60.173.11.108/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 189.203.240.71/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.226.140.158/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.174.51.230/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 117.21.173.175/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.174.51.212/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.174.51.227/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 58.18.172.171/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 213.229.113.27/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.197/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 60.173.11.104/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 218.2.0.132/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 218.6.19.50/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 88.150.239.4/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 60.173.26.163/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.174.51.211/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.174.51.229/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 144.0.0.35/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.174.51.232/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 95.110.224.185/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 50.56.193.15/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 31.199.3.187/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 37.9.53.91/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.110/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 144.0.0.51/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 60.173.10.69/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 115.248.176.229/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.113/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 91.183.69.99/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.219.187.9/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 118.244.159.214/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 119.188.7.201/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 123.157.150.57/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 212.7.212.23/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.222/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.174.50.216/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 144.0.0.59/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 190.196.209.41/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.174.51.234/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 23.102.130.171/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 61.174.50.184/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 112.199.117.198/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 31.181.181.120/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 210.14.69.244/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.228.207.76/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.98/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 222.186.52.3/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 218.2.0.125/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 92.44.212.179/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 75.148.216.82/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 219.148.196.154/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.109/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.202/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 211.154.213.117/32 ! -o lo -j LOGDROPOUT -A DENYOUT -d 122.225.109.198/32 ! -o lo -j LOGDROPOUT -A fail2ban-ssh-ddos -j RETURN COMMIT # Completed on Tue Sep 23 15:54:31 2014
4

Hi Eric, thanks for your answer!

I don’t think it’s behind a NAT router, all this used to work before… I’ll see if I can find out how to disbale iptables temporarily and see what happens.

5

And here’s ip6tables-save:
(I don’t know why there’s two versions running at the same time…)

# Generated by ip6tables-save v1.4.4 on Tue Sep 23 16:18:56 2014 *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] :ALLOWIN - [0:0] :ALLOWOUT - [0:0] :DENYIN - [0:0] :DENYOUT - [0:0] :INVALID - [0:0] :INVDROP - [0:0] :LOCALINPUT - [0:0] :LOCALOUTPUT - [0:0] :LOGDROPIN - [0:0] :LOGDROPOUT - [0:0] -A INPUT ! -i lo -j LOCALINPUT -A INPUT -i lo -j ACCEPT -A INPUT ! -i lo -p tcp -j INVALID -A INPUT ! -i lo -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT -A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT -A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT -A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT -A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT -A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 143 -j ACCEPT -A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT -A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 465 -j ACCEPT -A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 587 -j ACCEPT -A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 993 -j ACCEPT -A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 995 -j ACCEPT -A INPUT ! -i lo -p udp -m state --state NEW -m udp --dport 20 -j ACCEPT -A INPUT ! -i lo -p udp -m state --state NEW -m udp --dport 21 -j ACCEPT -A INPUT ! -i lo -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT -A INPUT ! -i lo -p ipv6-icmp -j ACCEPT -A INPUT ! -i lo -j LOGDROPIN -A OUTPUT ! -o lo -j LOCALOUTPUT -A OUTPUT ! -o lo -p tcp -m tcp --dport 53 -j ACCEPT -A OUTPUT ! -o lo -p udp -m udp --dport 53 -j ACCEPT -A OUTPUT ! -o lo -p tcp -m tcp --sport 53 -j ACCEPT -A OUTPUT ! -o lo -p udp -m udp --sport 53 -j ACCEPT -A OUTPUT -o lo -j ACCEPT -A OUTPUT ! -o lo -p tcp -j INVALID -A OUTPUT ! -o lo -m state --state RELATED,ESTABLISHED -j ACCEPT -A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT -A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT -A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT -A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT -A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT -A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 113 -j ACCEPT -A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT -A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 20 -j ACCEPT -A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 21 -j ACCEPT -A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT -A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 113 -j ACCEPT -A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 123 -j ACCEPT -A OUTPUT ! -o lo -p ipv6-icmp -j ACCEPT -A OUTPUT ! -o lo -j LOGDROPOUT -A INVALID -m state --state INVALID -j INVDROP -A INVALID -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j INVDROP -A INVALID -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j INVDROP -A INVALID -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j INVDROP -A INVALID -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j INVDROP -A INVALID -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j INVDROP -A INVALID -p tcp -m tcp --tcp-flags FIN,ACK FIN -j INVDROP -A INVALID -p tcp -m tcp --tcp-flags PSH,ACK PSH -j INVDROP -A INVALID -p tcp -m tcp --tcp-flags ACK,URG URG -j INVDROP -A INVALID -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j INVDROP -A INVDROP -j DROP -A LOCALINPUT ! -i lo -j ALLOWIN -A LOCALINPUT ! -i lo -j DENYIN -A LOCALOUTPUT ! -o lo -j ALLOWOUT -A LOCALOUTPUT ! -o lo -j DENYOUT -A LOGDROPIN -p tcp -m tcp --dport 67 -j DROP -A LOGDROPIN -p udp -m udp --dport 67 -j DROP -A LOGDROPIN -p tcp -m tcp --dport 68 -j DROP -A LOGDROPIN -p udp -m udp --dport 68 -j DROP -A LOGDROPIN -p tcp -m tcp --dport 111 -j DROP -A LOGDROPIN -p udp -m udp --dport 111 -j DROP -A LOGDROPIN -p tcp -m tcp --dport 113 -j DROP -A LOGDROPIN -p udp -m udp --dport 113 -j DROP -A LOGDROPIN -p tcp -m tcp --dport 135:139 -j DROP -A LOGDROPIN -p udp -m udp --dport 135:139 -j DROP -A LOGDROPIN -p tcp -m tcp --dport 445 -j DROP -A LOGDROPIN -p udp -m udp --dport 445 -j DROP -A LOGDROPIN -p tcp -m tcp --dport 500 -j DROP -A LOGDROPIN -p udp -m udp --dport 500 -j DROP -A LOGDROPIN -p tcp -m tcp --dport 513 -j DROP -A LOGDROPIN -p udp -m udp --dport 513 -j DROP -A LOGDROPIN -p tcp -m tcp --dport 520 -j DROP -A LOGDROPIN -p udp -m udp --dport 520 -j DROP -A LOGDROPIN -p tcp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *TCP6IN Blocked* " -A LOGDROPIN -p udp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *UDP6IN Blocked* " -A LOGDROPIN -p ipv6-icmp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *ICMP6IN Blocked* " -A LOGDROPIN -j DROP -A LOGDROPOUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 30/min -j LOG --log-prefix "Firewall: *TCP6OUT Blocked* " --log-uid -A LOGDROPOUT -p udp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *UDP6OUT Blocked* " --log-uid -A LOGDROPOUT -p ipv6-icmp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *ICMP6OUT Blocked* " --log-uid -A LOGDROPOUT -j DROP COMMIT # Completed on Tue Sep 23 16:18:56 2014
6

Howdy,

Well, the output of “iptables -L” is the only thing that would matter, as that shows what is active. Rules can be active without necessarily being listed in the iptables save file.

Do you see any related errors in your log files? Normally, you’ll see a notification when the firewall drops packets.

Also, when logged into your server over SSH, can you telnet to port 80?

Lastly, what is the output of “/sbin/ifconfig”? You can hide part of your IP addresses if you want, but make sure the first two numbers are still listed, if possible.

-Eric

7

Thanks Eric!

About checking the logs, I know this will sound stupid, but I don’t know where and what to look for really… Somebody suggested writing a script that would try to connect to another server, and thus producing a lot of log file entries so it’d be easier to spot where the problem is…

Anyway, here’s what you asked:

telnet:

telnet checkip.dyndns.org 80 Trying 216.146.43.70... Trying 91.198.22.70... Trying 216.146.38.70... Trying 216.146.39.70... telnet: Unable to connect to remote host: Connection timed out

ifconfig:

eth0 Link encap:Ethernet HWaddr 00:19:99:59:cd:ab inet addr:88.208.193.145 Bcast:88.208.195.255 Mask:255.255.252.0 inet6 addr: fe80::219:99ff:fe59:cdab/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:155289496 errors:0 dropped:0 overruns:0 frame:0 TX packets:195464199 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:30547529182 (30.5 GB) TX bytes:186898372368 (186.8 GB) Memory:fc400000-fc420000

eth0:1 Link encap:Ethernet HWaddr 00:19:99:59:cd:ab
inet addr:88.208.193.146 Bcast:88.208.195.255 Mask:255.255.252.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Memory:fc400000-fc420000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:39832613 errors:0 dropped:0 overruns:0 frame:0
TX packets:39832613 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5586105785 (5.5 GB) TX bytes:5586105785 (5.5 GB)

iptables -L:

Chain INPUT (policy DROP) target prot opt source destination fail2ban-ssh-ddos tcp -- anywhere anywhere multiport dports ssh ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:20000 ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:webmin ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:20000 ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:webmin ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:ssh state NEW ACCEPT udp -- 213.171.217.173 anywhere udp dpt:snmp state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:www state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:https state NEW ACCEPT udp -- anywhere anywhere udp dpt:domain state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:domain state NEW ACCEPT udp -- anywhere anywhere udp dpt:tftp state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:69 state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:smtp state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:pop3 state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:imap2 state NEW ACCEPT udp -- anywhere anywhere udp dpt:ntp state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:ftp-data state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:ftp state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:mysql state NEW ACCEPT udp -- anywhere anywhere udp dpt:mysql state NEW DROP all -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all – anywhere anywhere
ACCEPT all – anywhere anywhere state NEW,RELATED,ESTABLISHED

Chain ALLOWIN (0 references)
target prot opt source destination

Chain ALLOWOUT (0 references)
target prot opt source destination

Chain DENYIN (0 references)
target prot opt source destination
DROP all – 222.186.34.122 anywhere
DROP all – 111.74.239.35 anywhere
DROP all – 202.109.143.18 anywhere
DROP all – 111.74.239.197 anywhere
DROP all – 222.186.34.117 anywhere
DROP all – 202.109.143.5 anywhere
DROP all – 202.109.143.16 anywhere
DROP all – 202.109.143.42 anywhere
DROP all – 202.109.143.53 anywhere
DROP all – 202.109.143.89 anywhere
DROP all – 222.186.34.121 anywhere
DROP all – 202.109.143.56 anywhere
DROP all – 115.239.248.85 anywhere
DROP all – 222.186.34.118 anywhere
DROP all – 222.186.34.119 anywhere
DROP all – 222.186.34.123 anywhere
DROP all – 202.109.143.95 anywhere
DROP all – 222.186.34.115 anywhere
DROP all – 111.74.238.125 anywhere
DROP all – 222.186.58.205 anywhere
DROP all – 222.187.221.152 anywhere
DROP all – 222.186.50.229 anywhere
DROP all – 122.225.109.221 anywhere
DROP all – 222.186.34.116 anywhere
DROP all – 213.50.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 111.74.238.124 anywhere
DROP all – 222.186.34.114 anywhere
DROP all – host-176-42-4-149.reverse.superonline.net anywhere
DROP all – 61.156.8.189 anywhere
DROP all – 122.225.109.195 anywhere
DROP all – 60.173.10.205 anywhere
DROP all – 122.225.109.118 anywhere
DROP all – 219.138.135.56 anywhere
DROP all – 222.186.58.241 anywhere
DROP all – 117.21.173.177 anywhere
DROP all – 117.21.173.179 anywhere
DROP all – 222.186.58.242 anywhere
DROP all – 222.186.51.150 anywhere
DROP all – 222.186.58.10 anywhere
DROP all – 222.186.50.61 anywhere
DROP all – 222.187.220.246 anywhere
DROP all – 218.30.22.119 anywhere
DROP all – 5.103.35.171.adsl-pool.jx.chinaunicom.com anywhere
DROP all – 43.169.110.203.in-addr.arpa anywhere
DROP all – cirsfera.ru anywhere
DROP all – 193.107.17.72 anywhere
DROP all – 122.225.109.199 anywhere
DROP all – 117.110.25.97 anywhere
DROP all – 61.183.1.8 anywhere
DROP all – 122.225.109.196 anywhere
DROP all – 222.186.52.160 anywhere
DROP all – 103-27-127-50.sunnyvision.com anywhere
DROP all – 217.199.227.206 anywhere
DROP all – 215.51.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 61.167.49.139 anywhere
DROP all – static.vdc.vn anywhere
DROP all – 122.225.109.206 anywhere
DROP all – 36.100-168-194.static.virginmediabusiness.co.uk anywhere
DROP all – 122.225.109.216 anywhere
DROP all – 221.6.233.62 anywhere
DROP all – 212-129-56-29.rev.poneytelecom.eu anywhere
DROP all – 109.169.41.164 anywhere
DROP all – 122.225.109.200 anywhere
DROP all – 60.173.11.108 anywhere
DROP all – fixed-203-240-71.iusacell.net anywhere
DROP all – 122.226.140.158 anywhere
DROP all – 230.51.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 117.21.173.175 anywhere
DROP all – 212.51.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 227.51.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 58.18.172.171 anywhere
DROP all – . anywhere
DROP all – 122.225.109.197 anywhere
DROP all – 60.173.11.104 anywhere
DROP all – 218.2.0.132 anywhere
DROP all – 218.6.19.50 anywhere
DROP all – h88-150-239-4.host.redstation.co.uk anywhere
DROP all – 60.173.26.163 anywhere
DROP all – 211.51.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 229.51.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 144.0.0.35 anywhere
DROP all – 232.51.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – host185-224-110-95.serverdedicati.aruba.it anywhere
DROP all – 50-56-193-15.static.cloud-ips.com anywhere
DROP all – host187-3-static.199-31-b.business.telecomitalia.it anywhere
DROP all – 37.9.53.91 anywhere
DROP all – 122.225.109.110 anywhere
DROP all – 144.0.0.51 anywhere
DROP all – 60.173.10.69 anywhere
DROP all – 115.248.176.229 anywhere
DROP all – 122.225.109.113 anywhere
DROP all – 99.69-183-91.adsl-static.isp.belgacom.be anywhere
DROP all – 222.219.187.9 anywhere
DROP all – 118.244.159.214 anywhere
DROP all – 119.188.7.201 anywhere
DROP all – 123.157.150.57 anywhere
DROP all – steel.fibrenetworks.org anywhere
DROP all – 122.225.109.222 anywhere
DROP all – 216.50.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 144.0.0.59 anywhere
DROP all – 41.209.196.190.orbyta.com.in-addr.arpa anywhere
DROP all – 234.51.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 23.102.130.171 anywhere
DROP all – 184.50.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 198.117.199.112.clbrz.inet.eastern-tele.com anywhere
DROP all – 31.181.181.120 anywhere
DROP all – 210.14.69.244 anywhere
DROP all – 122.228.207.76 anywhere
DROP all – 122.225.109.98 anywhere
DROP all – 222.186.52.3 anywhere
DROP all – 218.2.0.125 anywhere
DROP all – host-92-44-212-179.reverse.superonline.net anywhere
DROP all – 75-148-216-82-Houston.hfc.comcastbusiness.net anywhere
DROP all – 219.148.196.154 anywhere
DROP all – 122.225.109.109 anywhere
DROP all – 122.225.109.202 anywhere
DROP all – 211.154.213.117 anywhere
DROP all – 122.225.109.198 anywhere
DROP all – 122.225.109.209 anywhere
DROP all – 122.225.109.203 anywhere
DROP all – 122.225.109.219 anywhere
DROP all – 144.0.0.66 anywhere
DROP all – 82.221.102.179 anywhere
DROP all – 82.221.109.194 anywhere
DROP all – 1.93.29.130 anywhere
DROP all – 117.27.152.26 anywhere
DROP all – 226.51.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 222.191.249.132 anywhere
DROP all – 193.104.41.202 anywhere
DROP all – 193.104.41.10 anywhere
DROP all – fixed-203-240-24.iusacell.net anywhere
DROP all – 91.240.163.39 anywhere
DROP all – 144.0.0.54 anywhere
DROP all – 187-40-80-102.user.veloxzone.com.br anywhere
DROP all – usloft1168.serverprofi24.com anywhere
DROP all – 122.225.109.104 anywhere
DROP all – 202.165.179.126 anywhere
DROP all – 212-83-150-74.rev.poneytelecom.eu anywhere
DROP all – 183.224.42.11 anywhere
DROP all – 31.181.230.201 anywhere
DROP all – 122.225.109.108 anywhere
DROP all – 218.2.0.133 anywhere
DROP all – 182.140.141.26 anywhere
DROP all – 122.225.109.106 anywhere
DROP all – 122.225.109.217 anywhere
DROP all – 233.51.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 119.82.99.3.reverse.spectranet.in anywhere
DROP all – 228.51.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 31.181.134.100 anywhere
DROP all – 214.51.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 122.225.103.118 anywhere
DROP all – 202.129.16.27 anywhere
DROP all – corp-200-105-232-100-uio.punto.net.ec anywhere
DROP all – fixed-203-240-34.iusacell.net anywhere
DROP all – 135.109.214.105 anywhere
DROP all – 235.50.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 61.143.236.193 anywhere
DROP all – 144.0.0.33 anywhere
DROP all – 122.225.109.100 anywhere
DROP all – 222.122.30.51 anywhere
DROP all – 212-129-11-247.rev.poneytelecom.eu anywhere
DROP all – 172.50.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 123.125.219.130 anywhere
DROP all – 76.72.171.166 anywhere
DROP all – 231.51.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 60.173.10.67 anywhere
DROP all – 195-154-12-58.rev.poneytelecom.eu anywhere
DROP all – 123.127.36.162 anywhere
DROP all – vps72110737.123-vps.co.uk anywhere
DROP all – 122.225.109.215 anywhere
DROP all – 122.225.109.214 anywhere
DROP all – fixed-203-240-96.iusacell.net anywhere
DROP all – 178.208.132.196 anywhere
DROP all – 122.225.109.208 anywhere
DROP all – 65.55.41.7 anywhere
DROP all – static-103-241-144-197.ctrls.in anywhere
DROP all – 122.225.109.121 anywhere
DROP all – 183.57.57.159 anywhere
DROP all – 249.50.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 222.186.26.251 anywhere
DROP all – ip223.hichina.com anywhere
DROP all – u16534395.onlinehome-server.com anywhere
DROP all – 122.225.109.207 anywhere
DROP all – 42.62.17.250 anywhere
DROP all – 225.50.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 122.225.109.212 anywhere
DROP all – 122.225.109.111 anywhere
DROP all – 222.186.59.63 anywhere
DROP all – 122.225.109.112 anywhere
DROP all – cs3.oxxus.net anywhere
DROP all – 35.243.143.211.static.sz.js.chinamobile.com anywhere
DROP all – 36.84.241.188 anywhere
DROP all – 211.138.30.174 anywhere
DROP all – 112.21.198.28 anywhere
DROP all – 212-83-176-8.rev.poneytelecom.eu anywhere
DROP all – 144.0.0.29 anywhere
DROP all – 149.50.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere
DROP all – 230.224.148.210.rev.iijgio.jp anywhere
DROP all – 117.27.158.104 anywhere
DROP all – 224.50.174.61.dial.wz.zj.dynamic.163data.com.cn anywhere

Chain DENYOUT (0 references)
target prot opt source destination
LOGDROPOUT all – anywhere 222.186.34.122
LOGDROPOUT all – anywhere 111.74.239.35
LOGDROPOUT all – anywhere 202.109.143.18
LOGDROPOUT all – anywhere 111.74.239.197
LOGDROPOUT all – anywhere 222.186.34.117
LOGDROPOUT all – anywhere 202.109.143.5
LOGDROPOUT all – anywhere 202.109.143.16
LOGDROPOUT all – anywhere 202.109.143.42
LOGDROPOUT all – anywhere 202.109.143.53
LOGDROPOUT all – anywhere 202.109.143.89
LOGDROPOUT all – anywhere 222.186.34.121
LOGDROPOUT all – anywhere 202.109.143.56
LOGDROPOUT all – anywhere 115.239.248.85
LOGDROPOUT all – anywhere 222.186.34.118
LOGDROPOUT all – anywhere 222.186.34.119
LOGDROPOUT all – anywhere 222.186.34.123
LOGDROPOUT all – anywhere 202.109.143.95
LOGDROPOUT all – anywhere 222.186.34.115
LOGDROPOUT all – anywhere 111.74.238.125
LOGDROPOUT all – anywhere 222.186.58.205
LOGDROPOUT all – anywhere 222.187.221.152
LOGDROPOUT all – anywhere 222.186.50.229
LOGDROPOUT all – anywhere 122.225.109.221
LOGDROPOUT all – anywhere 222.186.34.116
LOGDROPOUT all – anywhere 213.50.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 111.74.238.124
LOGDROPOUT all – anywhere 222.186.34.114
LOGDROPOUT all – anywhere host-176-42-4-149.reverse.superonline.net
LOGDROPOUT all – anywhere 61.156.8.189
LOGDROPOUT all – anywhere 122.225.109.195
LOGDROPOUT all – anywhere 60.173.10.205
LOGDROPOUT all – anywhere 122.225.109.118
LOGDROPOUT all – anywhere 219.138.135.56
LOGDROPOUT all – anywhere 222.186.58.241
LOGDROPOUT all – anywhere 117.21.173.177
LOGDROPOUT all – anywhere 117.21.173.179
LOGDROPOUT all – anywhere 222.186.58.242
LOGDROPOUT all – anywhere 222.186.51.150
LOGDROPOUT all – anywhere 222.186.58.10
LOGDROPOUT all – anywhere 222.186.50.61
LOGDROPOUT all – anywhere 222.187.220.246
LOGDROPOUT all – anywhere 218.30.22.119
LOGDROPOUT all – anywhere 5.103.35.171.adsl-pool.jx.chinaunicom.com
LOGDROPOUT all – anywhere 43.169.110.203.in-addr.arpa
LOGDROPOUT all – anywhere cirsfera.ru
LOGDROPOUT all – anywhere 193.107.17.72
LOGDROPOUT all – anywhere 122.225.109.199
LOGDROPOUT all – anywhere 117.110.25.97
LOGDROPOUT all – anywhere 61.183.1.8
LOGDROPOUT all – anywhere 122.225.109.196
LOGDROPOUT all – anywhere 222.186.52.160
LOGDROPOUT all – anywhere 103-27-127-50.sunnyvision.com
LOGDROPOUT all – anywhere 217.199.227.206
LOGDROPOUT all – anywhere 215.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 61.167.49.139
LOGDROPOUT all – anywhere static.vdc.vn
LOGDROPOUT all – anywhere 122.225.109.206
LOGDROPOUT all – anywhere 36.100-168-194.static.virginmediabusiness.co.uk
LOGDROPOUT all – anywhere 122.225.109.216
LOGDROPOUT all – anywhere 221.6.233.62
LOGDROPOUT all – anywhere 212-129-56-29.rev.poneytelecom.eu
LOGDROPOUT all – anywhere 109.169.41.164
LOGDROPOUT all – anywhere 122.225.109.200
LOGDROPOUT all – anywhere 60.173.11.108
LOGDROPOUT all – anywhere fixed-203-240-71.iusacell.net
LOGDROPOUT all – anywhere 122.226.140.158
LOGDROPOUT all – anywhere 230.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 117.21.173.175
LOGDROPOUT all – anywhere 212.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 227.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 58.18.172.171
LOGDROPOUT all – anywhere .
LOGDROPOUT all – anywhere 122.225.109.197
LOGDROPOUT all – anywhere 60.173.11.104
LOGDROPOUT all – anywhere 218.2.0.132
LOGDROPOUT all – anywhere 218.6.19.50
LOGDROPOUT all – anywhere h88-150-239-4.host.redstation.co.uk
LOGDROPOUT all – anywhere 60.173.26.163
LOGDROPOUT all – anywhere 211.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 229.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 144.0.0.35
LOGDROPOUT all – anywhere 232.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere host185-224-110-95.serverdedicati.aruba.it
LOGDROPOUT all – anywhere 50-56-193-15.static.cloud-ips.com
LOGDROPOUT all – anywhere host187-3-static.199-31-b.business.telecomitalia.it
LOGDROPOUT all – anywhere 37.9.53.91
LOGDROPOUT all – anywhere 122.225.109.110
LOGDROPOUT all – anywhere 144.0.0.51
LOGDROPOUT all – anywhere 60.173.10.69
LOGDROPOUT all – anywhere 115.248.176.229
LOGDROPOUT all – anywhere 122.225.109.113
LOGDROPOUT all – anywhere 99.69-183-91.adsl-static.isp.belgacom.be
LOGDROPOUT all – anywhere 222.219.187.9
LOGDROPOUT all – anywhere 118.244.159.214
LOGDROPOUT all – anywhere 119.188.7.201
LOGDROPOUT all – anywhere 123.157.150.57
LOGDROPOUT all – anywhere steel.fibrenetworks.org
LOGDROPOUT all – anywhere 122.225.109.222
LOGDROPOUT all – anywhere 216.50.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 144.0.0.59
LOGDROPOUT all – anywhere 41.209.196.190.orbyta.com.in-addr.arpa
LOGDROPOUT all – anywhere 234.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 23.102.130.171
LOGDROPOUT all – anywhere 184.50.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 198.117.199.112.clbrz.inet.eastern-tele.com
LOGDROPOUT all – anywhere 31.181.181.120
LOGDROPOUT all – anywhere 210.14.69.244
LOGDROPOUT all – anywhere 122.228.207.76
LOGDROPOUT all – anywhere 122.225.109.98
LOGDROPOUT all – anywhere 222.186.52.3
LOGDROPOUT all – anywhere 218.2.0.125
LOGDROPOUT all – anywhere host-92-44-212-179.reverse.superonline.net
LOGDROPOUT all – anywhere 75-148-216-82-Houston.hfc.comcastbusiness.net
LOGDROPOUT all – anywhere 219.148.196.154
LOGDROPOUT all – anywhere 122.225.109.109
LOGDROPOUT all – anywhere 122.225.109.202
LOGDROPOUT all – anywhere 211.154.213.117
LOGDROPOUT all – anywhere 122.225.109.198
LOGDROPOUT all – anywhere 122.225.109.209
LOGDROPOUT all – anywhere 122.225.109.203
LOGDROPOUT all – anywhere 122.225.109.219
LOGDROPOUT all – anywhere 144.0.0.66
LOGDROPOUT all – anywhere 82.221.102.179
LOGDROPOUT all – anywhere 82.221.109.194
LOGDROPOUT all – anywhere 1.93.29.130
LOGDROPOUT all – anywhere 117.27.152.26
LOGDROPOUT all – anywhere 226.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 222.191.249.132
LOGDROPOUT all – anywhere 193.104.41.202
LOGDROPOUT all – anywhere 193.104.41.10
LOGDROPOUT all – anywhere fixed-203-240-24.iusacell.net
LOGDROPOUT all – anywhere 91.240.163.39
LOGDROPOUT all – anywhere 144.0.0.54
LOGDROPOUT all – anywhere 187-40-80-102.user.veloxzone.com.br
LOGDROPOUT all – anywhere usloft1168.serverprofi24.com
LOGDROPOUT all – anywhere 122.225.109.104
LOGDROPOUT all – anywhere 202.165.179.126
LOGDROPOUT all – anywhere 212-83-150-74.rev.poneytelecom.eu
LOGDROPOUT all – anywhere 183.224.42.11
LOGDROPOUT all – anywhere 31.181.230.201
LOGDROPOUT all – anywhere 122.225.109.108
LOGDROPOUT all – anywhere 218.2.0.133
LOGDROPOUT all – anywhere 182.140.141.26
LOGDROPOUT all – anywhere 122.225.109.106
LOGDROPOUT all – anywhere 122.225.109.217
LOGDROPOUT all – anywhere 233.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 119.82.99.3.reverse.spectranet.in
LOGDROPOUT all – anywhere 228.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 31.181.134.100
LOGDROPOUT all – anywhere 214.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 122.225.103.118
LOGDROPOUT all – anywhere 202.129.16.27
LOGDROPOUT all – anywhere corp-200-105-232-100-uio.punto.net.ec
LOGDROPOUT all – anywhere fixed-203-240-34.iusacell.net
LOGDROPOUT all – anywhere 135.109.214.105
LOGDROPOUT all – anywhere 235.50.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 61.143.236.193
LOGDROPOUT all – anywhere 144.0.0.33
LOGDROPOUT all – anywhere 122.225.109.100
LOGDROPOUT all – anywhere 222.122.30.51
LOGDROPOUT all – anywhere 212-129-11-247.rev.poneytelecom.eu
LOGDROPOUT all – anywhere 172.50.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 123.125.219.130
LOGDROPOUT all – anywhere 76.72.171.166
LOGDROPOUT all – anywhere 231.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 60.173.10.67
LOGDROPOUT all – anywhere 195-154-12-58.rev.poneytelecom.eu
LOGDROPOUT all – anywhere 123.127.36.162
LOGDROPOUT all – anywhere vps72110737.123-vps.co.uk
LOGDROPOUT all – anywhere 122.225.109.215
LOGDROPOUT all – anywhere 122.225.109.214
LOGDROPOUT all – anywhere fixed-203-240-96.iusacell.net
LOGDROPOUT all – anywhere 178.208.132.196
LOGDROPOUT all – anywhere 122.225.109.208
LOGDROPOUT all – anywhere 65.55.41.7
LOGDROPOUT all – anywhere static-103-241-144-197.ctrls.in
LOGDROPOUT all – anywhere 122.225.109.121
LOGDROPOUT all – anywhere 183.57.57.159
LOGDROPOUT all – anywhere 249.50.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 222.186.26.251
LOGDROPOUT all – anywhere ip223.hichina.com
LOGDROPOUT all – anywhere u16534395.onlinehome-server.com
LOGDROPOUT all – anywhere 122.225.109.207
LOGDROPOUT all – anywhere 42.62.17.250
LOGDROPOUT all – anywhere 225.50.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 122.225.109.212
LOGDROPOUT all – anywhere 122.225.109.111
LOGDROPOUT all – anywhere 222.186.59.63
LOGDROPOUT all – anywhere 122.225.109.112
LOGDROPOUT all – anywhere cs3.oxxus.net
LOGDROPOUT all – anywhere 35.243.143.211.static.sz.js.chinamobile.com
LOGDROPOUT all – anywhere 36.84.241.188
LOGDROPOUT all – anywhere 211.138.30.174
LOGDROPOUT all – anywhere 112.21.198.28
LOGDROPOUT all – anywhere 212-83-176-8.rev.poneytelecom.eu
LOGDROPOUT all – anywhere 144.0.0.29
LOGDROPOUT all – anywhere 149.50.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT all – anywhere 230.224.148.210.rev.iijgio.jp
LOGDROPOUT all – anywhere 117.27.158.104
LOGDROPOUT all – anywhere 224.50.174.61.dial.wz.zj.dynamic.163data.com.cn

Chain INVALID (0 references)
target prot opt source destination

Chain INVDROP (0 references)
target prot opt source destination

Chain LOCALINPUT (0 references)
target prot opt source destination

Chain LOCALOUTPUT (0 references)
target prot opt source destination

Chain LOGDROPIN (0 references)
target prot opt source destination

Chain LOGDROPOUT (200 references)
target prot opt source destination

Chain fail2ban-ssh-ddos (1 references)
target prot opt source destination
RETURN all – anywhere anywhere
8

Hi, does this help or would you prefer to get more data from me? Thanks!

9

Howdy,

The log files that firewall logging would show up in differs depending on your distro… but it’ll usually show up if you were to run “dmesg”, and look at the tail end of that output.

On CentOS, I’m not entirely certain which it is – it’s likely either /var/log/messages or /var/log/secure.

That might be a good place to start. It’s difficult to rule out the firewall, as there’s quite a few rules there, though I don’t see any that would obviously be causing a problem.

You could also try disabling the firewall altogether, though hopefully reviewing the logs would help as well.

-Eric

10

Ok thanks Eric, I’ll start with checking the log files (I’m on Ubuntu)

Saludos!

11

Doesn’t help much, does it?

[Tue Oct 07 23:31:42 2014] [error] [client 88.20.123.52] PHP Warning: fopen(http://www.ktools.net/webmgr/push.updatecheck.php?product=ps&version=4.5.4&builddate=2014.04.08): failed to open stream: Connection timed out in /home/peng/public_html/manager/widgets/updater/panel.php on line 145, referer: http://www.photosgrancanaria.com/manager/mgr.welcome.php?ep=1 [Tue Oct 07 23:31:42 2014] [error] [client 88.20.123.52] PHP Warning: stream_set_timeout() expects parameter 1 to be resource, boolean given in /home/peng/public_html/manager/widgets/updater/panel.php on line 147, referer: http://www.photosgrancanaria.com/manager/mgr.welcome.php?ep=1 [Tue Oct 07 23:31:42 2014] [error] [client 88.20.123.52] PHP Warning: stream_set_blocking() expects parameter 1 to be resource, boolean given in /home/peng/public_html/manager/widgets/updater/panel.php on line 148, referer: http://www.photosgrancanaria.com/manager/mgr.welcome.php?ep=1 [Tue Oct 07 23:31:45 2014] [error] [client 88.20.123.52] PHP Warning: fopen(http://www.ktools.net/webmgr/push.news.php?product=&version=&builddate=): failed to open stream: Connection timed out in /home/peng/public_html/manager/widgets/knews/panel.php on line 118, referer: http://www.photosgrancanaria.com/manager/mgr.welcome.php?ep=1 [Tue Oct 07 23:31:45 2014] [error] [client 88.20.123.52] PHP Warning: stream_set_timeout() expects parameter 1 to be resource, boolean given in /home/peng/public_html/manager/widgets/knews/panel.php on line 120, referer: http://www.photosgrancanaria.com/manager/mgr.welcome.php?ep=1 [Tue Oct 07 23:31:45 2014] [error] [client 88.20.123.52] PHP Warning: stream_set_blocking() expects parameter 1 to be resource, boolean given in /home/peng/public_html/manager/widgets/knews/panel.php on line 121, referer: http://www.photosgrancanaria.com/manager/mgr.welcome.php?ep=1
12

here’s the dmesg output, hope it helps…

13

Any suggestions for a next step? Thanks!

14

Howdy,

Yeah, unfortunately, I’m not seeing much there in dmesg or the logs… were you able to disable the firewall altogether, temporarily?

The firewall is still my best guess as to what might cause what you’re seeing, since it doesn’t look like you’re behind a NAT router.

-Eric

15

Hi Eric, and thanks for all the suggestions. Finding it terribly difficult to do all this. I’ll see if I can find a way to disable iptables withtout messing everything up (more).

How do I know if there’s another firewall than iptables running that maybe should be ‘disabled’ as well? Is there an easy way to find out?

Thanks, lex

16

Howdy,

Well, your server appears to be using some kind of tool to configure the firewall. However, it appears to be adding it through iptables.

So if you simply disable iptables, that may be all you need to do.

However, if something continues to add firewalls after disabling iptables, you would need to look into what third party software had been enabled, as that doesn’t occur automatically. If you run into that, you could always post the output of “ps auxw”, and we could see if anything there stands out as the culprit.

-Eric