some valid domains getting blocked

General questions.
axel2078
Posts: 294
Joined: January 30th, 2013, 3:53 am
Location: IL, USA

Re: some valid domains getting blocked

Post by axel2078 » August 19th, 2019, 10:41 pm

Arne.F wrote:
August 19th, 2019, 10:06 pm
Have you rebootet and now got a different IP on red. The traces looks like your ip was blocked by the servers, maybee they was on a blacklist like spamhaus.
My red IP hasn’t changed. I just checked and it’s the same now as it was when I was having these issues.

If they had blacklisted me, would I still be some to ping them?
Image

User avatar
Arne.F
Core Developer
Core Developer
Posts: 8522
Joined: May 7th, 2006, 8:57 am
Location: BS <-> NDH
Contact:

Re: some valid domains getting blocked

Post by Arne.F » August 20th, 2019, 5:06 am

In many configs ping will work even if your ip was on blacklists because checking the blacklist make much more load than the answer to ping.
Arne

Support the project on the donation!

Image

Image

Image
PS: I will not answer support questions via email and ignore IPFire related messages on my non IPFire.org mail addresses.

gpatel-fr
Posts: 51
Joined: July 24th, 2019, 7:59 am

Re: some valid domains getting blocked

Post by gpatel-fr » August 20th, 2019, 6:17 am

axel2078 wrote:
August 19th, 2019, 9:03 pm

Connecting to mail.mantech.com|108.174.241.57|:443... connected.
HTTP request sent, awaiting response... 401 Unauthorized ( The server requires authorization to fulfill the request. Access to the Web server is denied. Contact the server administrator. )
never mind this, this is a wget feature. Connection worked.
axel2078 wrote:
August 19th, 2019, 9:03 pm

nothing worked until I performed that wget from IPfire. Is it coincidence or did that kick something within the system?
It seems extremely unlikely to me because I can't think of any mechanism that would trigger a behaviour like that. To rule it out (as it's always bad to assume things) is easy. Just restart the box.
If you could reproduce it reliably, it would qualify as an Ipfire bug IMO. If not, it's a mystery that can't be solved unfortunately.

axel2078
Posts: 294
Joined: January 30th, 2013, 3:53 am
Location: IL, USA

Re: some valid domains getting blocked

Post by axel2078 » August 21st, 2019, 12:46 am

gpatel-fr wrote:
August 20th, 2019, 6:17 am
axel2078 wrote:
August 19th, 2019, 9:03 pm

Connecting to mail.mantech.com|108.174.241.57|:443... connected.
HTTP request sent, awaiting response... 401 Unauthorized ( The server requires authorization to fulfill the request. Access to the Web server is denied. Contact the server administrator. )
never mind this, this is a wget feature. Connection worked.
axel2078 wrote:
August 19th, 2019, 9:03 pm

nothing worked until I performed that wget from IPfire. Is it coincidence or did that kick something within the system?
It seems extremely unlikely to me because I can't think of any mechanism that would trigger a behaviour like that. To rule it out (as it's always bad to assume things) is easy. Just restart the box.
If you could reproduce it reliably, it would qualify as an Ipfire bug IMO. If not, it's a mystery that can't be solved unfortunately.
I just restarted my IPfire system to see what would happen. Everything still worked afterwards. I can access all sites just fine. No idea why this happened. The problem came out of nowhere, lasted for about a week, and then suddenly stopped. I know someone suggested that I might have been on a blacklist for some reason, but there were several sites that I could not access through a browser. I only posted the ones that were most important to me.
Image

axel2078
Posts: 294
Joined: January 30th, 2013, 3:53 am
Location: IL, USA

Re: [SOLVED] some valid domains getting blocked

Post by axel2078 » August 22nd, 2019, 1:08 pm

I'm not sure what caused this issue and why there were only some websites that would time out in a browser, but the issue seems to have cleared by itself. Marking post solved for now.
Image

axel2078
Posts: 294
Joined: January 30th, 2013, 3:53 am
Location: IL, USA

Re: some valid domains getting blocked

Post by axel2078 » September 6th, 2019, 10:28 pm

Well, I just upgraded to Core 135 and now the problem is back. Again, there lots of sites that will not load behind IPfire. If I use my VPN or if I connect directly to my cable modem, they load just fine. It’s not an IP issue or a blacklist issue. It has to be an IPfire issue. The problem seemed to go away until I upgraded to Core 135. This is becoming really aggravating.
Image

axel2078
Posts: 294
Joined: January 30th, 2013, 3:53 am
Location: IL, USA

Re: some valid domains getting blocked

Post by axel2078 » September 7th, 2019, 2:46 am

I noticed that doing a wget to many websites will just timeout. Additionally, doing a ping to some of these websites comes back with "filtered packets". I don't remember seeing that before.
Image

axel2078
Posts: 294
Joined: January 30th, 2013, 3:53 am
Location: IL, USA

Re: some valid domains getting blocked

Post by axel2078 » September 7th, 2019, 3:07 am

Sigh, I am once again unable to access sites that I really need access to. It's mostly the same ones as before:

https://mail.mantech.com/owa
https://myhub.mantech.com
https://inside.mantech.com
https://worldclassroom.webster.edu

Any ideas? This is driving me nuts. Why do some websites load fine while others won't load at all?

Edit: just to be clear, if I connect to my VPN, I can access these sites just fine. If I bypass IPfire and connect straight to the cable modem, I can access them just fine. If I turn off WiFi on my phone and just my carrier's data network, I can access them just fine. IPfire is the problem.
Image

User avatar
Arne.F
Core Developer
Core Developer
Posts: 8522
Joined: May 7th, 2006, 8:57 am
Location: BS <-> NDH
Contact:

Re: some valid domains getting blocked

Post by Arne.F » September 7th, 2019, 5:52 am

Redo the tshark traces on red. Or better the router before red.
Arne

Support the project on the donation!

Image

Image

Image
PS: I will not answer support questions via email and ignore IPFire related messages on my non IPFire.org mail addresses.

axel2078
Posts: 294
Joined: January 30th, 2013, 3:53 am
Location: IL, USA

Re: some valid domains getting blocked

Post by axel2078 » September 7th, 2019, 6:01 am

Arne.F wrote:
September 7th, 2019, 5:52 am
Redo the tshark traces on red. Or better the router before red.
I actually got fed up and rebuilt my system with the Core 135 iso image. So far, everything is working fine and I can get to all websites.
Image

axel2078
Posts: 294
Joined: January 30th, 2013, 3:53 am
Location: IL, USA

Re: some valid domains getting blocked

Post by axel2078 » September 13th, 2019, 2:13 pm

Update: the problem is back a few days after my rebuild. This time, the problem is slightly different. I can get to all my work websites that I was not able to reach before (the Mantech.com websites), but I am unable to log into my online school's web page, just like before. It just hangs and hangs until it times out. Again, this happens in all browsers on all computers. If I fire up my VPN, I can connect just fine. I even did a wget from IPfire and it looks like the connection is being established (see below), so why does this keep happening?? This is getting super aggravating. I shouldn't have to use a VPN to log into sites I need to access because IPfire stops working.

[root@ipfire-64 ~]# wget https://worldclassroom.webster.edu
--2019-09-13 09:04:20-- https://worldclassroom.webster.edu/
Resolving worldclassroom.webster.edu... 34.236.11.156, 3.222.218.57, 34.197.146.108
Connecting to worldclassroom.webster.edu|34.236.11.156|:443... connected.
HTTP request sent, awaiting response... 401 Unauthorized

Username/Password Authentication Failed.
Image

axel2078
Posts: 294
Joined: January 30th, 2013, 3:53 am
Location: IL, USA

Re: some valid domains getting blocked

Post by axel2078 » September 13th, 2019, 5:39 pm

Another update:

Now, for some reason, I'm able to get to https://worldclassroom.webster.edu which I was not able to get to earlier.

However, now I can no longer get to http://apps.webster.edu/compcen/datadic ... form2.php3 which I was able to get to this morning. It's like IPfire keeps rotating through which websites are allowed via http or https because it keeps changing. If this doesn't stop, I'm going to have to move away from IPfire.
Image

gpatel-fr
Posts: 51
Joined: July 24th, 2019, 7:59 am

Re: some valid domains getting blocked

Post by gpatel-fr » September 13th, 2019, 9:55 pm

When I first replied to you I did not yet know about intrusion detection in Ipfire. It seems that this is a somewhat difficult to use feature, do you have it enabled ? If yes, disable it and restart.

axel2078
Posts: 294
Joined: January 30th, 2013, 3:53 am
Location: IL, USA

Re: some valid domains getting blocked

Post by axel2078 » September 14th, 2019, 4:33 pm

gpatel-fr wrote:
September 13th, 2019, 9:55 pm
When I first replied to you I did not yet know about intrusion detection in Ipfire. It seems that this is a somewhat difficult to use feature, do you have it enabled ? If yes, disable it and restart.
Are you referring to the Intrusion Prevention service? If so, I already tried disabling that. No change.
Image

JonM
Posts: 144
Joined: August 4th, 2017, 5:49 pm
Location: US

Re: some valid domains getting blocked

Post by JonM » September 14th, 2019, 5:45 pm

is it fully off (no boxes checked and STOPPED)?
(sorry for asking but Intrusion Prevention was causing me lots of odd issues also)

Screen Shot 2019-09-14 at 12.42.21 PM.png
Production:
Image

Testing Raspi 3B+:
Image

Post Reply