So I got a complaint that my server is not reachable for users fro ma certain Dutch internet provider (UPC)... I've let them do several tests to find out what's wrong, but I can't find anything.... Any ideas if my server accidently blocked an IP range somewhere?
Check your IP tables, may be they will be blocking the ICMP request for Dutch inetrenet providers' IP.
Did you try to runa traceroute? Maybe it is just a routing problem. Did you inform the support of your provider that access from this other provider is blocked?
I did contact my DC/network provider where my server is hosted, they can't find anything. I did ask the UPC customers to do a tracert, but the tracert looks the same as my tracert. The UPC customers can reach another server within the same IP range. My server has 3 IPs (77.72.148.50, 77.72.146.128, 77.72.146.129), and all 3 are unreachable by the UPC customers (the last two IPs were connected to my server about a week ago)... So I think there must be something on the server itself that blocks a certain range, but I don't know where to find it.... IPtables seem to be clean... I haven't contacted UPC myself yet, but my customers have, and they are not properly supported in my opinion, they just say run a tracert and that's it...
Is there no service reachable from your client, e.g. no ping? Or is it a specific service? If iptables is clear, then the ip can only be blocked on application level as far as I know. Another option can be that something is blocked on the side of the client, e.g. in his firewall r router. I had a case here in germany were new network routers from German Telekom has a option enabled to block all outgoing emails in the router when the target IP is not in a network of German Telekom.
They complain about not reaching their website, so that's apache, port 80, and I asked them to start a telnet session with 110 (POP3), and they can't connect there either... And it's not just one client, according to him other UPC provider users have the same issue... Just to be sure, to check the iptables, which command should I use... iptables -L ?
Chain INPUT (policy DROP) target prot opt source destination DROP tcp -- anywhere 127.0.0.0/8 ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere DROP all -- base-address.mcast.net/4 anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere DROP all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED DROP all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere Chain INT_IN (0 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere DROP all -- anywhere anywhere Chain INT_OUT (0 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere Chain PAROLE (15 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain PUB_IN (5 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp echo-reply ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp echo-request PAROLE tcp -- anywhere anywhere tcp dpt:ftp-data PAROLE tcp -- anywhere anywhere tcp dpt:ftp PAROLE tcp -- anywhere anywhere tcp dpt:finger PAROLE tcp -- anywhere anywhere tcp dpt:smtp PAROLE tcp -- anywhere anywhere tcp dpt:domain PAROLE tcp -- anywhere anywhere tcp dpt:http PAROLE tcp -- anywhere anywhere tcp dptop3 PAROLE tcp -- anywhere anywhere tcp dpt:imap2 PAROLE tcp -- anywhere anywhere tcp dpt:https PAROLE tcp -- anywhere anywhere tcp dpt:imaps PAROLE tcp -- anywhere anywhere tcp dptop3s PAROLE tcp -- anywhere anywhere tcp dpt:mysql PAROLE tcp -- anywhere anywhere tcp dpt:http-alt PAROLE tcp -- anywhere anywhere tcp dpt:tproxy PAROLE tcp -- anywhere anywhere tcp dpt:webmin ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT udp -- anywhere anywhere udp dpt:mysql DROP icmp -- anywhere anywhere DROP all -- anywhere anywhere Chain PUB_OUT (5 references) target prot opt source destination ACCEPT all -- anywhere anywhere
