[BlueOnyx:22924] Re: APF mystery - blocking BlueOnyx

[Meaulnes Legler @ MailList]

Hello Colin

there were some posts about DFix2/APF round May 5-6 in this list, read what 
happened there...

I was running APF, Dfix2 and Fail2ban on my servers, but I turned Dfix2 off 
because it is too fussy with users who entered a false password (e.g. 
connecting an old device or setting up a new one, at the Internet Café etc.), 
one's connection is banned by Dfix2 already after two attempts.

less /etc/apf/deny_hosts.rules
# added 83.76.86.xxx on 12/04/18 12:09:33 with comment: dFixblock2
83.76.86.xxx

Dfix2 is very compelling, but just too strict. And since I couldn't find out 
how to edit the rules in /etc/sec, I turned it off keeping APF and Fail2ban 
only.

No problems anymore. Until the next hack?:-(

Best regards

_⌢_
'¿')
`-´      Meaulnes Legler

 Zurich, Switzerland

+41¦0 44 260 16 60


On 26.05.19 09:16, Colin Jack wrote:

Hi Greg,

Hi Colin.

Look at /var/log/sec for anything that might indicate if it was dFix that 
blocked. If you see something there, we can tune to prevent that happening 
again.

GK

I did grep the log for the BX IPs but no result.

It is very weird – but I do like to run DFix2/APF on all my VPS and this is the 
only one doing strange stuff.

I will have another look and see if I can locate anything.

Thanks

Colin

    On 23 May 2019, at 3:27 am, Colin Jack <co...@mainline.co.uk 
<mailto:co...@mainline.co.uk>> wrote:

    I have a problem with one 5209R VPS that I cannot fathom.

    I would be interested in some feedback.

    I am running DFix2 / APF and APF appears to be blocking access to 
Blueonyx.it and also the Letsencrypt servers.

    The GUI cannot get BX News or the shop.

    LE renewals fail.

    I haven’t touched any of the rules.

    If I flush iptables it all starts working for a few hours.

    If I disable AFP it all works.

    I have looked in iptables for the BX IP but nothing.

    Same with APF blacklist. Not listed.

    I run DFix2 / APF on all my servers and don’t have a problem - except on 
this one.

    Any thoughts (Michael/Greg)?

    I have tried removing APF and re-installing without any luck.

    Regards

    Colin

    _______________________________________________
    Blueonyx mailing list
    Blueonyx@mail.blueonyx.it <mailto:Blueonyx@mail.blueonyx.it>
    http://mail.blueonyx.it/mailman/listinfo/blueonyx


_______________________________________________
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx

_______________________________________________
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx