Want to subscribe to topics you're interested in?
Become a Member

Sysadmin Uptimerobot issues

Discussion in 'System Administration' started by denellum, Jan 29, 2017.

  1. denellum

    denellum Member

    88
    22
    8
    May 11, 2016
    Dallas
    Ratings:
    +32
    Local Time:
    8:48 PM
    1.13.8
    10.1.29
    The news isnt good :/

    I have checked with :

    Code:
    [root@WEB01 ~]# csf -g  69.162.124.229
    
    Chain            num   pkts bytes target     prot opt in     out
    source               destination
    No matches found for 69.162.124.229 in iptables
    
    IPSET: No matches found for 69.162.124.229
    
    And i've verified the IP is the NON-DDOS IP.
    Any ideas?
     
  2. denellum

    denellum Member

    88
    22
    8
    May 11, 2016
    Dallas
    Ratings:
    +32
    Local Time:
    8:48 PM
    1.13.8
    10.1.29
    IF i disable CSF it works :/
     
  3. eva2000

    eva2000 Administrator Staff Member

    44,731
    10,196
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,804
    Local Time:
    11:48 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Weird then.

    Centmin Mod CSF Firewall rate limits pings so probably could be related to that ?

    in /etc/csf/csf.conf config file
    Code (Text):
    # Allow incoming PING
    ICMP_IN = "1"
    
    # Set the per IP address incoming ICMP packet rate
    # To disable rate limiting set to "0"
    ICMP_IN_RATE = "1/s"
    
    # Allow outgoing PING
    ICMP_OUT = "1"
    
    # Set the per IP address outgoing ICMP packet rate (hits per second allowed),
    # e.g. "1/s"
    # To disable rate limiting set to "0"
    ICMP_OUT_RATE = "0"
    

    Maybe if raise the ICMP_IN_RATE from 1/s to 5/s ?
     
  4. denellum

    denellum Member

    88
    22
    8
    May 11, 2016
    Dallas
    Ratings:
    +32
    Local Time:
    8:48 PM
    1.13.8
    10.1.29
    to reload it i just use :

    Code:
    csf -r
    
    Correct? If so, that did not resolve the issue :/
     
  5. eva2000

    eva2000 Administrator Staff Member

    44,731
    10,196
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,804
    Local Time:
    11:48 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    yeah that will restart csf.

    what if you totally disable ping rate limit by setting ICMP_IN = "1" to ICMP_IN = "0"
     
  6. denellum

    denellum Member

    88
    22
    8
    May 11, 2016
    Dallas
    Ratings:
    +32
    Local Time:
    8:48 PM
    1.13.8
    10.1.29
    Sadly still down :(
     
  7. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    3:48 AM
    1
    10
    csf is strange, when I make changes csf -r won't do anything, try csf -x then csf -e

    when i disabled access to port 3306 from csf a few months ago, no matter what it would remain open until I restarted the whole server, then it started applying the rule, don't know if that's a csf thing or an iptables issue
     
  8. denellum

    denellum Member

    88
    22
    8
    May 11, 2016
    Dallas
    Ratings:
    +32
    Local Time:
    8:48 PM
    1.13.8
    10.1.29
    hmm, yeah when i take it down UptimeRobot works haha. THen when i re-enable it, goes back down.
     
  9. denellum

    denellum Member

    88
    22
    8
    May 11, 2016
    Dallas
    Ratings:
    +32
    Local Time:
    8:48 PM
    1.13.8
    10.1.29
    ALRIGHT! IT IS RESOLVED!
    I didn't read the full command (my fault)
    Code:
    curl -s https://uptimerobot.com/inc/files/ips/IPv4andIPv6.txt | while read i; do echo "csf -a ${i}"; done
    
    The end of it... the echo, i needed it to RUN the command.
    Code:
    curl -s https://uptimerobot.com/inc/files/ips/IPv4andIPv6.txt | while read i; do csf -a ${i}; done
    
    Boom, I watched it saved the rules, and now I'm golden.
     
  10. eva2000

    eva2000 Administrator Staff Member

    44,731
    10,196
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,804
    Local Time:
    11:48 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    strange should work with csf -r only.

    ah ha.. whitelisted now.. yes the outputted commands need to be run :)
     
  11. denellum

    denellum Member

    88
    22
    8
    May 11, 2016
    Dallas
    Ratings:
    +32
    Local Time:
    8:48 PM
    1.13.8
    10.1.29
    :) Sorry for all the spam, gave you all some rep love for the help!

    Thanks again all!
     
  12. eva2000

    eva2000 Administrator Staff Member

    44,731
    10,196
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,804
    Local Time:
    11:48 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
  13. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    3:48 AM
    1
    10
    nice, so csf was doing exactly what it was supposed to do. In my opinion, I'd rather security be too much that it starts to interfere with me, versus lax security that could affect me, if you know what I mean.
     
  14. denellum

    denellum Member

    88
    22
    8
    May 11, 2016
    Dallas
    Ratings:
    +32
    Local Time:
    8:48 PM
    1.13.8
    10.1.29
    100% agree brotha :)
     
  15. eva2000

    eva2000 Administrator Staff Member

    44,731
    10,196
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,804
    Local Time:
    11:48 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Yup that's why CSF is installed by default. I'm be scared to see what other LAMP/LEMP stacks do without a firewall in place at all !