SMS-2.0.7 blocks one of my machines from local access
Lars
Senior Member


Joined: 25 Oct 2010
Posts: 136

Posted: Thu Nov 12, 2015 8:30 pm    Post subject: SMS-2.0.7 blocks one of my machines from local access

Well, again gerasimos,

It's still concerning the fit2pc server with SMS-2.0.7 I inherited from my friend last January. As I've mentioned, he had configured it for use with http (html and CMS-systems) and fftp.

Last spring you suggested that I'd use tightvnc since I had problems with the fit2pc's graphics card driver. I used it ca 4 weeks during the spring just to get an overview of the machine and OS. -Only two days ago I had the time to start configuring it for my needs. -All the time vnc worked like a charm.
-Until late last night! I could not log in anymore. Closed my SMS and my vnc-client (my main working machine). I was anyway finished with configuring httpd incl https.

Today I started looking for corrupted configuration files and studied the logs I could find:
the vnc server log just reported
Code:
"11/11/15 17:44:18 Rejected connection from client 192.168.X.X"

my client's terminal
Code:
"vncviewer: VNC server closed connection"

-Searched internet and found nothing alike.
vnc still not working.

I anyway continued my configuring the 2.0.7 server today: set up ddclient to my DNS service, ftp and finally nfs.
-When I now tried ftp and nfs from my main working machine through my local network, I did get severe problems. My FTP clients did not work, trying from terminal returned
Code:
"421 Service not available, remote server has closed connection."

and nfs takes up to ten minutes to connect.
First I thought I had misconfigured them and went through the whole process again, checking.
(I have got all those services on my SMS-1.6.0 server and they work perfectly).
After revising the configurations two times I still could not get vnc, ftp or nfs working.
Checked my working machine's firewall for causes, nothing.

By chance I started up another working machine and was surprised when I perfectly could connect to nfs, ftp and vnc from there. Other local IP? Now I started to suspect that it was SMS-2.0.7 that blocked my main machine.
Just to be sure I tried two other distributions on my main machine (same local IP), SuSE13.1 and Slackware-14: ftp, nfs and vnc didn't work there either.

The problem probably lies in some service or firewall in SMS-2.0.7. The problem is that I do not know which firewall or security services my friend used or how he had configured them?? -I'm certain that he has used only services that come with the SMS-2.0.7.

What I can say can have caused the blocking is that, especially yesterday, I logged in to my SMS-server a real lot of times! And quite some times failed.

If my suspicions are correct I would be real grateful for help to get my main machine out of this block! It's from this I maintain my server, and it besides is my most modern.

Best regards

Lars
Lars
Senior Member


Joined: 25 Oct 2010
Posts: 136

Posted: Thu Nov 12, 2015 11:03 pm

Could it be fail2ban?
Found some logs that could indicate that.

Lars
gerasimos_h
Site Admin


Joined: 09 Aug 2007
Posts: 1757
Location: Greece

Posted: Fri Nov 13, 2015 1:13 pm

Most likely. Try to restart or stop fail2ban:
smsconfig fail2ban restart


gerasimos_h

_________________
Superb! Mini Server Project Manager
http://sms.it-ccs.com
Lars
Senior Member


Joined: 25 Oct 2010
Posts: 136

Posted: Fri Nov 13, 2015 5:08 pm

Sorry, that did not help.
My main machine is after two days still blocked in my local network.

While waiting I tried to understand the way fail2ban worked. -As far as I could understand it works by for instance adding rules to iptables. -It was hard to find iptables since my friend hasn't got any /etc/rc.d/rc.firewall, but after a while I found I could read iptables(?) through
# iptables -L
After fiddling a while I found 4 fail2ban chains with references(?)
fail2ban-BadBots
fail2ban-ProFTPD
fail2ban-SSH
fail2ban-dovecot-pop3imap
guessed references could mean rules added by fail2ban(?).

Found no way to read out if my blocked ip was listed in any of those chains, but "in blind" tried to remove my blocked ip, if it was in any of them by running:
# iptables -D fail2ban-dovecot-pop3imap -s 192.168.X.X -j DROP
# iptables -D fail2ban-SSH -s 192.168.X.X -j DROP
# iptables -D fail2ban-ProFTPD -s 192.168.X.X -j DROP
# iptables -D fail2ban-BadBots -s 192.168.X.X -j DROP
from all I got
iptables: Bad rule (does a matching rule exist in that chain?).
which probably means that my blocked ip never was there(?)

Since I've got no /etc/rc.d/rc.firewall I can't stop iptables (if it's running).
Looked for any other firewalls, like guarddog, but found none.

Stopping fail2ban however didn't work:
I still cannot connect locally to my SMS-2.0.7 server with vnc, ftp or nfs from my main workstation and it's a real problem for me.

Could it be something else that blocks all my OSes on my main workstation -same IP- from connecting with SMS?
Lars
Senior Member


Joined: 25 Oct 2010
Posts: 136

Posted: Fri Nov 13, 2015 9:27 pm

Well, I finally found it!

tcpd had added
Code:
ALL: 192.168.X.X
[my blocked local IP]
to /etc/hosts.deny about the time I got vnc and ftp problems.
Now everything is working.

One final question only (since I spent 8 hours today trying to understand fail2ban's way of working):
Since I haven't got iptables active (that's anyway how I understand that I've got no /etc/rc.d/rc.firewall):
Does fail2ban really work? Where can I find and modify the existing jails?

Best regards
Lars
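
The thread ends with two separate places a block can live: the fail2ban iptables chains, which turned out not to hold the address, and /etc/hosts.deny, which did. As an added example (not part of any post in this thread), the script below checks both for one client IP; the sample files, the address 192.168.1.50 standing in for the masked 192.168.X.X, and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): find out which mechanism blocks a client IP.
# Sample data below is constructed; 192.168.1.50 stands in for the masked 192.168.X.X.

# hosts_deny_hits FILE IP: print "line: rule" for each hosts.deny rule naming IP.
# Exact IPv4 match only; wildcard patterns such as "192.168." are not expanded.
hosts_deny_hits() {
    awk -v ip="$2" '
        /^[ \t]*#/ || !/:/ { next }           # comments and non-rule lines
        {
            split($0, f, ":")                  # f[1] = daemons, f[2] = clients
            n = split(f[2], c, /[ \t,]+/)
            for (i = 1; i <= n; i++)
                if (c[i] == ip) { print NR ": " $0; break }
        }' "$1"
}

# f2b_hits FILE IP: FILE holds `iptables -S` output; print each fail2ban-* chain
# that has a rule with IP as source (iptables prints single hosts as IP/32).
f2b_hits() {
    awk -v ip="$2" '
        $1 == "-A" && $2 ~ /^fail2ban-/ {
            for (i = 3; i < NF; i++)
                if ($i == "-s" && ($(i + 1) == ip || $(i + 1) == (ip "/32")))
                    print $2
        }' "$1"
}

# write_samples DIR: constructed stand-ins for /etc/hosts.deny and `iptables -S`.
write_samples() {
    cat > "$1/hosts.deny" <<'EOF'
# /etc/hosts.deny (constructed sample)
sshd: 203.0.113.7
ALL: 192.168.1.50
EOF
    cat > "$1/rules" <<'EOF'
-N fail2ban-SSH
-N fail2ban-ProFTPD
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-SSH
-A fail2ban-SSH -s 203.0.113.7/32 -j DROP
-A fail2ban-SSH -j RETURN
-A fail2ban-ProFTPD -j RETURN
EOF
}

tmp=$(mktemp -d) && write_samples "$tmp"
echo "hosts.deny: $(hosts_deny_hits "$tmp/hosts.deny" 192.168.1.50)"
echo "fail2ban:   $(f2b_hits "$tmp/rules" 192.168.1.50)"
rm -rf "$tmp"
```

On a live server, save the output of `iptables -S` (run as root) to a file and point the two functions at that file and at /etc/hosts.deny.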
gerasimos_h
Site Admin


Joined: 09 Aug 2007
Posts: 1757
Location: Greece

Posted: Sat Nov 14, 2015 12:24 pm

Iptables are active alright, the rc.firewall is for applying rules at boot...
The fail2ban jail config is /etc/fail2ban/jail.conf...

Gerasimos_h

Lars
Senior Member


Joined: 25 Oct 2010
Posts: 136

Posted: Sun Nov 15, 2015 5:38 pm

Thank you again Gerasimos!

I really appreciate all the help you have given me through the years!

Now I hopefully can manage on my own. This last week I have configured the server machine with S*M*S-2.0.7 I inherited from my friend.

Best regards
Lars
All times are GMT + 2 Hours