Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[Scott Holtzman]

I wonder if the forum software can ban an IP.

I can't access the forums from home.  This is so weird. 

Any thoughts.   Forget I am a network engineer in real life

All devices, wired and wireless network.  My phone on Verizon network works fine.

Can still get to the Pro Sound Web page. 

Argggg

Sent from my LM-V405 using Tapatalk

[Doug Fowler]

I wonder if the forum software can ban an IP.

I can't access the forums from home.  This is so weird. 

Any thoughts.   Forget I am a network engineer in real life

All devices, wired and wireless network.  My phone on Verizon network works fine.

Can still get to the Pro Sound Web page. 

Argggg

Sent from my LM-V405 using Tapatalk

It’s working now. I couldn’t connect for maybe 10 minutes.

[Mac Kerr]

I wonder if the forum software can ban an IP.

Yes, it is possible to ban an IP address, but usually it would have to be an IP with hundreds of attempted logins by Eastern Bloc spammers. If you pick up one of those in your browser history your computer may be trying to log in from that address. Clearing your browser history will usually fix it.

Mac

[Scott Holtzman]

Yes, it is possible to ban an IP address, but usually it would have to be an IP with hundreds of attempted logins by Eastern Bloc spammers. If you pick up one of those in your browser history your computer may be trying to log in from that address. Clearing your browser history will usually fix it.

Mac

Thanks Mac.  It's oddly network related.  I can link the site for the forum, it's not behind cloudflare or anything.  Every device I own, my phone, which I am writing from you now, on wifi, Tapatalk hangs.  On Verizon in towers.  My tablets, laptops, desktop all the same thing.   I reset the cable modem (for the same IP) then I reset firewall, switches the whole 9 yards. 

It's like only https (port 443) is blocked to 199.79.199.17 (the forum IP.

Scratching head.



Sent from my LM-V405 using Tapatalk

[Scott Holtzman]

For any of you network geeks I am not blocked on the server iptables just the forum software.

02/01/2022   01:37.48   /home/mobaxterm  curl https://forums.prosoundweb.com/index.php

                                                                                                               ✘

  02/01/2022   01:39.55   /home/mobaxterm  ping forums.prosoundweb.com

Pinging forums.prosoundweb.com [199.79.199.17] with 32 bytes of data:
Reply from 199.79.199.17: bytes=32 time=43ms TTL=48
Reply from 199.79.199.17: bytes=32 time=47ms TTL=48
Reply from 199.79.199.17: bytes=32 time=40ms TTL=48
Reply from 199.79.199.17: bytes=32 time=39ms TTL=48

Ping statistics for 199.79.199.17:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 39ms, Maximum = 47ms, Average = 42ms

Sent from my LM-V405 using Tapatalk

[Russell Ault]

For any of you network geeks I am not blocked on the server iptables just the forum software. {...}

It's probably academic, but what happens if you test the layer in between ping and curl (just in case it is an iptables block, but only on port 443)?

Code: [Select]

$ nc -vz forums.prosoundweb.com 443
-Russ

[Scott Holtzman]

It's probably academic, but what happens if you test the layer in between ping and curl (just in case it is an iptables block, but only on port 443)?

Code: [Select]

$ nc -vz forums.prosoundweb.com 443
-Russ

No that always a good idea.  Will do in a bit.  Had a late one, just hitting hay.  Hit you up in afternoon. 

Sent from my LM-V405 using Tapatalk

[Bob Faulkner]

To help rule out a browser issue, you could try using Lynx:

$ lynx forums.prosoundweb.com

It's a text-based internet connection.  If this connects and your browser doesn't, issue would probably be the browser.

[Bill Meeks]

For any of you network geeks I am not blocked on the server iptables just the forum software.

02/01/2022   01:37.48   /home/mobaxterm  curl https://forums.prosoundweb.com/index.php

                                                                                                               ✘

  02/01/2022   01:39.55   /home/mobaxterm  ping forums.prosoundweb.com

Pinging forums.prosoundweb.com [199.79.199.17] with 32 bytes of data:
Reply from 199.79.199.17: bytes=32 time=43ms TTL=48
Reply from 199.79.199.17: bytes=32 time=47ms TTL=48
Reply from 199.79.199.17: bytes=32 time=40ms TTL=48
Reply from 199.79.199.17: bytes=32 time=39ms TTL=48

Ping statistics for 199.79.199.17:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 39ms, Maximum = 47ms, Average = 42ms

Sent from my LM-V405 using Tapatalk

If you are still having issues, you might try pinging with a full-sized packet to rule out any MTU issues. This can happen on network hops now and then.  A standard ping packet is only 64-bytes, so if there is an MTU issue in the path, a standard ping works while larger packets get either dropped or fragmented. Sometimes when MTU is broken, fragment reassembly is also hosed. Try this in Windows --

Code: [Select]

ping -l 1500 199.79.199.17
This will ping with a 1500-byte data payload to test MTU issues. That is a lowercase "L" (so 'l'). There are similar command-line options for ping in Linux.

[Dan Whitney]

I had a similar issue a few weeks back.  I couldn't access the forum when connecting through my Eero wifi system but I could if I bypassed them by plugging straight into my modem.    I contacted Eero and they claimed they weren't blocking the site.  About a week later it started working.  Not sure what the deal was.

[Scott Holtzman]

To help rule out a browser issue, you could try using Lynx:

$ lynx forums.prosoundweb.com

It's a text-based internet connection.  If this connects and your browser doesn't, issue would probably be the browser.

I don't have Lynx built on that busy box (no binary)  but you can see that curl timed out.



Sent from my LM-V405 using Tapatalk

[Scott Holtzman]

If you are still having issues, you might try pinging with a full-sized packet to rule out any MTU issues. This can happen on network hops now and then.  A standard ping packet is only 64-bytes, so if there is an MTU issue in the path, a standard ping works while larger packets get either dropped or fragmented. Sometimes when MTU is broken, fragment reassembly is also hosed. Try this in Windows --

Code: [Select]

ping -l 1500 199.79.199.17
This will ping with a 1500-byte data payload to test MTU issues. That is a lowercase "L" (so 'l'). There are similar command-line options for ping in Linux.

Thanks, BTW mtr is easiest tool for spotting fragmentation and df bit issues.  It's not that.  I should have mentioned I have Wireshark on a span port off my firewall always logging.  I get no response at all.



Sent from my LM-V405 using Tapatalk

[Scott Holtzman]

It's probably academic, but what happens if you test the layer in between ping and curl (just in case it is an iptables block, but only on port 443)?

Code: [Select]

$ nc -vz forums.prosoundweb.com 443
-Russ

Russ it's either my ISP or my IP is blocked:


I used the nc tool and here are the results.  Before I started I added the forums site to my VPN back to the office, this would source my requests from the Time Warner Fiber at the warehouse.

02/01/2022  16:57.38  /home/mobaxterm  #with VPN                                                                                                                 

02/01/2022 16:59.11 /home/mobaxterm  nc -vz forums.prosoundweb.com 443
Connection to forums.prosoundweb.com 443 port [tcp/https] succeeded!                                                                                                             

02/01/2022  16:59.31  /home/mobaxterm  #without VPN
                                                                                                                   
02/01/2022  16:59.50  /home/mobaxterm  nc -vz forums.prosoundweb.com 443
nc: connect to forums.prosoundweb.com port 443 (tcp) failed: Connection timed out                                                                                                                   


[/size]02/01/2022  17:00.16  /home/mobaxterm
[/size]
[/size]So sourcing from same computer on Time Warner works, I switch to Wide Open West, the provider at my house and boom, bang crash.  Yes I can access all the prosoundweb content without any issue.
[/size]
[/size]

[Bill Meeks]

[/size]02/01/2022  17:00.16  /home/mobaxterm
[/size]
[/size]So sourcing from same computer on Time Warner works, I switch to Wide Open West, the provider at my house and boom, bang crash.  Yes I can access all the prosoundweb content without any issue.
[/size]
[/size]

Weird! Normally when an IP is blocked/banned, everything from that IP is blocked including ICMP. Perhaps the block is only for TCP, though. Sure sounds like your IP is banned/blocked at the forum. If ping works, that pretty much eliminates most routing issues.

I assume your home ISP is not providing you a true static IP. Is there a trick you can use to reset your WAN IP to a different one? Sometimes release and renew on the modem will work (but not always). Spoofing a different MAC sometimes works, and if not, dropping your connection for long enough may result in a different IP being assigned when you "come back up".

[Scott Holtzman]

Weird! Normally when an IP is blocked/banned, everything from that IP is blocked including ICMP. Perhaps the block is only for TCP, though. Sure sounds like your IP is banned/blocked at the forum. If ping works, that pretty much eliminates most routing issues.

I assume your home ISP is not providing you a true static IP. Is there a trick you can use to reset your WAN IP to a different one? Sometimes release and renew on the modem will work (but not always). Spoofing a different MAC sometimes works, and if not, dropping your connection for long enough may result in a different IP being assigned when you "come back up".

It works on another IP.  No I can't force my home/cable modem it's gig service and hasn't changed in two years. 

Still sane problem.  Only thing I don't have a spare of is the cable modem.  I can traceoute all the way to the server or HA Proxy that is in front of it, just https is a no no

Sent from my LM-V405 using Tapatalk

[Scott Holtzman]

It works on another IP.  No I can't force my home/cable modem it's gig service and hasn't changed in two years. 

Still sane problem.  Only thing I don't have a spare of is the cable modem.  I can traceoute all the way to the server or HA Proxy that is in front of it, just https is a no no

Sent from my LM-V405 using Tapatalk

That IP is still locked I have to use my 4G or a VPN to get to the forums still! 

Sent from my LM-V405 using Tapatalk

[Dave Garoutte]

Scott, I guess nobody told you that we voted you off the island.

[Scott Holtzman]

Scott, I guess nobody told you that we voted you off the island.

I would think there would be simpler ways, this is curtailing my writing so there is that!

[Corey Scogin]

I can traceoute all the way to the server or HA Proxy that is in front of it, just https is a no no

I find all this fascinating.

Would you agree that it must be one of these two things or are there other possibilities?:
1. The server or HAProxy/LoadBalancer or firewall refusing TCP from your IP (I think traceroute uses UDP or ICMP).
2. Your ISP blocking that server

[Brian Jojade]

Yes, it is possible to ban an IP address, but usually it would have to be an IP with hundreds of attempted logins by Eastern Bloc spammers. If you pick up one of those in your browser history your computer may be trying to log in from that address. Clearing your browser history will usually fix it.

Mac

FYI, I've run into the same issue a few times.  It seems that a half a dozen times or so of entering the wrong password is enough to get locked out of the forums at an IP for a period of time.  It clears itself up after a day or so and you can try again.

When I've tried to log in with a new machine and manually enter the password (and forget what it actually is and get frustrated typing in variants of older passwords in vain because I'm too lazy to actually go and verify it....) the lockout happens after just a few attempts.  I'm not sure if it's machine specific or IP specific though.  Once I get locked out, I swear a little, then go find something else to do instead.  Haven't taken the effort to troubleshoot further.

[Scott Holtzman]

I find all this fascinating.

Would you agree that it must be one of these two things or are there other possibilities?:
1. The server or HAProxy/LoadBalancer or firewall refusing TCP from your IP (I think traceroute uses UDP or ICMP).
2. Your ISP blocking that server

Yes it is interesting, HAProxy is an amazing little piece of software and there are very creative ways to use it in a Cloud MSP environment. 


Either someone saw this and fixed it (I had sent Mac my IP) as oddly it just started working again and I checked same IP. 


Your theory about the password though this is my desktop machine that is 3 years old and everything is buttoned down on 2FA lastpass.  I don't even touch my passwords manually.

[Scott Holtzman]

It seems to me that, in theory, it is possible. In fact, any site can block access for those who live in other countries or regions.

They can block down to a single IP (user).


You need to change your displayed name to your real name to participate here.

[ProSoundWeb Community]