curl & wget time out

16 posts / 0 new
Last post
#1 Tue, 09/23/2014 - 09:42
lex

curl & wget time out

Hi,

this is not a real virtualmin thing, but maybe you can help me...

On my server, curl or wget are not able to connect. So sites that need info from other sites just hang until they time out.

Something is writing all the time to iptables (might be fail2ban? as I had to install that when the server was ddos attacked). But I'll include the output of iptables -L here anyway.

How do I find out what is causing this?

(p.s. in "preview" I see the attachment (iptables.txt) here, but as soon as I hit save and see the real thing I don't see it. What am I doing wrong?)

Tue, 09/23/2014 - 10:04
andreychek

Howdy,

Well, there aren't any issues that jump out at me with your firewall rules, though you could always try turning them off if you wanted to troubleshoot.

However, are you by chance running behind a NAT router? Is your server's primary IP address a private IP, rather than a public IP?

-Eric

Tue, 09/23/2014 - 10:15 (Reply to #2)
lex

Hi Eric, thanks for your answer!

I don't think it's behind a NAT router, all this used to work before... I'll see if I can find out how to disbale iptables temporarily and see what happens.

Tue, 09/23/2014 - 10:12
lex

Here's the output from iptables-save:

# Generated by iptables-save v1.4.4 on Tue Sep 23 15:54:31 2014
*nat
:PREROUTING ACCEPT [9729271:898136247]
:POSTROUTING ACCEPT [22077574:1522218922]
:OUTPUT ACCEPT [22077574:1522218922]
COMMIT
# Completed on Tue Sep 23 15:54:31 2014
# Generated by iptables-save v1.4.4 on Tue Sep 23 15:54:31 2014
*mangle
:PREROUTING ACCEPT [163470909:30559970773]
:INPUT ACCEPT [163052307:30403985471]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [128744720:165135738580]
:POSTROUTING ACCEPT [128737603:165135332155]
COMMIT
# Completed on Tue Sep 23 15:54:31 2014
# Generated by iptables-save v1.4.4 on Tue Sep 23 15:54:31 2014
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [7117:406425]
:ALLOWIN - [0:0]
:ALLOWOUT - [0:0]
:DENYIN - [0:0]
:DENYOUT - [0:0]
:INVALID - [0:0]
:INVDROP - [0:0]
:LOCALINPUT - [0:0]
:LOCALOUTPUT - [0:0]
:LOGDROPIN - [0:0]
:LOGDROPOUT - [0:0]
:fail2ban-ssh-ddos - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh-ddos
-A INPUT -p tcp -m state --state NEW -m tcp --dport 20000 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10000 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 20000 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10000 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
-A INPUT -s 213.171.217.173/32 -p udp -m udp --dport 161 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -m state --state NEW -j ACCEPT
-A INPUT -p udp -m udp --dport 69 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 69 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 143 -m state --state NEW -j ACCEPT
-A INPUT -p udp -m udp --dport 123 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 20 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -m state --state NEW -j ACCEPT
-A INPUT -p udp -m udp --dport 3306 -m state --state NEW -j ACCEPT
-A INPUT -j DROP
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A DENYIN -s 185.31.160.158/32 ! -i lo -j DROP
-A DENYIN -s 190.210.142.142/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.218/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.211/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.208/32 ! -i lo -j DROP
-A DENYIN -s 1.93.33.2/32 ! -i lo -j DROP
-A DENYIN -s 108.178.56.14/32 ! -i lo -j DROP
-A DENYIN -s 202.165.179.126/32 ! -i lo -j DROP
-A DENYIN -s 60.190.71.52/32 ! -i lo -j DROP
-A DENYIN -s 148.251.20.110/32 ! -i lo -j DROP
-A DENYIN -s 65.126.16.92/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.102/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.214/32 ! -i lo -j DROP
-A DENYIN -s 116.10.191.182/32 ! -i lo -j DROP
-A DENYIN -s 115.238.111.214/32 ! -i lo -j DROP
-A DENYIN -s 61.147.101.110/32 ! -i lo -j DROP
-A DENYIN -s 120.209.139.184/32 ! -i lo -j DROP
-A DENYIN -s 194.58.88.96/32 ! -i lo -j DROP
-A DENYIN -s 79.120.178.197/32 ! -i lo -j DROP
-A DENYIN -s 116.10.191.236/32 ! -i lo -j DROP
-A DENYIN -s 61.167.49.135/32 ! -i lo -j DROP
-A DENYIN -s 116.10.191.177/32 ! -i lo -j DROP
-A DENYIN -s 144.0.0.65/32 ! -i lo -j DROP
-A DENYIN -s 61.4.83.186/32 ! -i lo -j DROP
-A DENYIN -s 192.3.160.77/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.217/32 ! -i lo -j DROP
-A DENYIN -s 37.58.99.154/32 ! -i lo -j DROP
-A DENYIN -s 115.112.206.171/32 ! -i lo -j DROP
-A DENYIN -s 144.0.0.61/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.194/32 ! -i lo -j DROP
-A DENYIN -s 60.173.10.95/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.207/32 ! -i lo -j DROP
-A DENYIN -s 218.24.113.2/32 ! -i lo -j DROP
-A DENYIN -s 61.133.211.118/32 ! -i lo -j DROP
-A DENYIN -s 187.237.132.226/32 ! -i lo -j DROP
-A DENYIN -s 116.10.191.183/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.114/32 ! -i lo -j DROP
-A DENYIN -s 144.0.0.48/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.100/32 ! -i lo -j DROP
-A DENYIN -s 47.68.203.61/32 ! -i lo -j DROP
-A DENYIN -s 144.0.0.70/32 ! -i lo -j DROP
-A DENYIN -s 113.107.233.165/32 ! -i lo -j DROP
-A DENYIN -s 42.62.17.250/32 ! -i lo -j DROP
-A DENYIN -s 103.20.148.157/32 ! -i lo -j DROP
-A DENYIN -s 189.203.240.50/32 ! -i lo -j DROP
-A DENYIN -s 1.93.34.213/32 ! -i lo -j DROP
-A DENYIN -s 192.69.94.98/32 ! -i lo -j DROP
-A DENYIN -s 80.241.46.147/32 ! -i lo -j DROP
-A DENYIN -s 203.147.88.202/32 ! -i lo -j DROP
-A DENYIN -s 144.0.0.49/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.101/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.237/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.239/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.241/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.238/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.242/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.244/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.245/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.246/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.240/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.243/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.36/32 ! -i lo -j DROP
-A DENYIN -s 115.239.248.121/32 ! -i lo -j DROP
-A DENYIN -s 220.177.198.40/32 ! -i lo -j DROP
-A DENYIN -s 220.177.198.38/32 ! -i lo -j DROP
-A DENYIN -s 115.239.248.122/32 ! -i lo -j DROP
-A DENYIN -s 220.177.198.24/32 ! -i lo -j DROP
-A DENYIN -s 115.239.248.57/32 ! -i lo -j DROP
-A DENYIN -s 115.239.248.50/32 ! -i lo -j DROP
-A DENYIN -s 115.239.248.51/32 ! -i lo -j DROP
-A DENYIN -s 117.21.191.209/32 ! -i lo -j DROP
-A DENYIN -s 115.239.248.90/32 ! -i lo -j DROP
-A DENYIN -s 220.177.198.93/32 ! -i lo -j DROP
-A DENYIN -s 151.237.190.123/32 ! -i lo -j DROP
-A DENYIN -s 200.75.106.70/32 ! -i lo -j DROP
-A DENYIN -s 176.102.37.57/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.117/32 ! -i lo -j DROP
-A DENYIN -s 117.41.182.252/32 ! -i lo -j DROP
-A DENYIN -s 69.16.238.6/32 ! -i lo -j DROP
-A DENYIN -s 111.74.238.237/32 ! -i lo -j DROP
-A DENYIN -s 111.74.238.152/32 ! -i lo -j DROP
-A DENYIN -s 111.74.238.151/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.122/32 ! -i lo -j DROP
-A DENYIN -s 111.74.239.35/32 ! -i lo -j DROP
-A DENYIN -s 202.109.143.18/32 ! -i lo -j DROP
-A DENYIN -s 111.74.239.197/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.117/32 ! -i lo -j DROP
-A DENYIN -s 202.109.143.5/32 ! -i lo -j DROP
-A DENYIN -s 202.109.143.16/32 ! -i lo -j DROP
-A DENYIN -s 202.109.143.42/32 ! -i lo -j DROP
-A DENYIN -s 202.109.143.53/32 ! -i lo -j DROP
-A DENYIN -s 202.109.143.89/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.121/32 ! -i lo -j DROP
-A DENYIN -s 202.109.143.56/32 ! -i lo -j DROP
-A DENYIN -s 115.239.248.85/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.118/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.119/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.123/32 ! -i lo -j DROP
-A DENYIN -s 202.109.143.95/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.115/32 ! -i lo -j DROP
-A DENYIN -s 111.74.238.125/32 ! -i lo -j DROP
-A DENYIN -s 222.186.58.205/32 ! -i lo -j DROP
-A DENYIN -s 222.187.221.152/32 ! -i lo -j DROP
-A DENYIN -s 222.186.50.229/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.221/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.116/32 ! -i lo -j DROP
-A DENYIN -s 61.174.50.213/32 ! -i lo -j DROP
-A DENYIN -s 111.74.238.124/32 ! -i lo -j DROP
-A DENYIN -s 222.186.34.114/32 ! -i lo -j DROP
-A DENYIN -s 176.42.4.149/32 ! -i lo -j DROP
-A DENYIN -s 61.156.8.189/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.195/32 ! -i lo -j DROP
-A DENYIN -s 60.173.10.205/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.118/32 ! -i lo -j DROP
-A DENYIN -s 219.138.135.56/32 ! -i lo -j DROP
-A DENYIN -s 222.186.58.241/32 ! -i lo -j DROP
-A DENYIN -s 117.21.173.177/32 ! -i lo -j DROP
-A DENYIN -s 117.21.173.179/32 ! -i lo -j DROP
-A DENYIN -s 222.186.58.242/32 ! -i lo -j DROP
-A DENYIN -s 222.186.51.150/32 ! -i lo -j DROP
-A DENYIN -s 222.186.58.10/32 ! -i lo -j DROP
-A DENYIN -s 222.186.50.61/32 ! -i lo -j DROP
-A DENYIN -s 222.187.220.246/32 ! -i lo -j DROP
-A DENYIN -s 218.30.22.119/32 ! -i lo -j DROP
-A DENYIN -s 171.35.103.5/32 ! -i lo -j DROP
-A DENYIN -s 203.110.169.43/32 ! -i lo -j DROP
-A DENYIN -s 82.146.55.80/32 ! -i lo -j DROP
-A DENYIN -s 193.107.17.72/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.199/32 ! -i lo -j DROP
-A DENYIN -s 117.110.25.97/32 ! -i lo -j DROP
-A DENYIN -s 61.183.1.8/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.196/32 ! -i lo -j DROP
-A DENYIN -s 222.186.52.160/32 ! -i lo -j DROP
-A DENYIN -s 103.27.127.50/32 ! -i lo -j DROP
-A DENYIN -s 217.199.227.206/32 ! -i lo -j DROP
-A DENYIN -s 61.174.51.215/32 ! -i lo -j DROP
-A DENYIN -s 61.167.49.139/32 ! -i lo -j DROP
-A DENYIN -s 123.30.214.137/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.206/32 ! -i lo -j DROP
-A DENYIN -s 194.168.100.36/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.216/32 ! -i lo -j DROP
-A DENYIN -s 221.6.233.62/32 ! -i lo -j DROP
-A DENYIN -s 212.129.56.29/32 ! -i lo -j DROP
-A DENYIN -s 109.169.41.164/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.200/32 ! -i lo -j DROP
-A DENYIN -s 60.173.11.108/32 ! -i lo -j DROP
-A DENYIN -s 189.203.240.71/32 ! -i lo -j DROP
-A DENYIN -s 122.226.140.158/32 ! -i lo -j DROP
-A DENYIN -s 61.174.51.230/32 ! -i lo -j DROP
-A DENYIN -s 117.21.173.175/32 ! -i lo -j DROP
-A DENYIN -s 61.174.51.212/32 ! -i lo -j DROP
-A DENYIN -s 61.174.51.227/32 ! -i lo -j DROP
-A DENYIN -s 58.18.172.171/32 ! -i lo -j DROP
-A DENYIN -s 213.229.113.27/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.197/32 ! -i lo -j DROP
-A DENYIN -s 60.173.11.104/32 ! -i lo -j DROP
-A DENYIN -s 218.2.0.132/32 ! -i lo -j DROP
-A DENYIN -s 218.6.19.50/32 ! -i lo -j DROP
-A DENYIN -s 88.150.239.4/32 ! -i lo -j DROP
-A DENYIN -s 60.173.26.163/32 ! -i lo -j DROP
-A DENYIN -s 61.174.51.211/32 ! -i lo -j DROP
-A DENYIN -s 61.174.51.229/32 ! -i lo -j DROP
-A DENYIN -s 144.0.0.35/32 ! -i lo -j DROP
-A DENYIN -s 61.174.51.232/32 ! -i lo -j DROP
-A DENYIN -s 95.110.224.185/32 ! -i lo -j DROP
-A DENYIN -s 50.56.193.15/32 ! -i lo -j DROP
-A DENYIN -s 31.199.3.187/32 ! -i lo -j DROP
-A DENYIN -s 37.9.53.91/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.110/32 ! -i lo -j DROP
-A DENYIN -s 144.0.0.51/32 ! -i lo -j DROP
-A DENYIN -s 60.173.10.69/32 ! -i lo -j DROP
-A DENYIN -s 115.248.176.229/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.113/32 ! -i lo -j DROP
-A DENYIN -s 91.183.69.99/32 ! -i lo -j DROP
-A DENYIN -s 222.219.187.9/32 ! -i lo -j DROP
-A DENYIN -s 118.244.159.214/32 ! -i lo -j DROP
-A DENYIN -s 119.188.7.201/32 ! -i lo -j DROP
-A DENYIN -s 123.157.150.57/32 ! -i lo -j DROP
-A DENYIN -s 212.7.212.23/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.222/32 ! -i lo -j DROP
-A DENYIN -s 61.174.50.216/32 ! -i lo -j DROP
-A DENYIN -s 144.0.0.59/32 ! -i lo -j DROP
-A DENYIN -s 190.196.209.41/32 ! -i lo -j DROP
-A DENYIN -s 61.174.51.234/32 ! -i lo -j DROP
-A DENYIN -s 23.102.130.171/32 ! -i lo -j DROP
-A DENYIN -s 61.174.50.184/32 ! -i lo -j DROP
-A DENYIN -s 112.199.117.198/32 ! -i lo -j DROP
-A DENYIN -s 31.181.181.120/32 ! -i lo -j DROP
-A DENYIN -s 210.14.69.244/32 ! -i lo -j DROP
-A DENYIN -s 122.228.207.76/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.98/32 ! -i lo -j DROP
-A DENYIN -s 222.186.52.3/32 ! -i lo -j DROP
-A DENYIN -s 218.2.0.125/32 ! -i lo -j DROP
-A DENYIN -s 92.44.212.179/32 ! -i lo -j DROP
-A DENYIN -s 75.148.216.82/32 ! -i lo -j DROP
-A DENYIN -s 219.148.196.154/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.109/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.202/32 ! -i lo -j DROP
-A DENYIN -s 211.154.213.117/32 ! -i lo -j DROP
-A DENYIN -s 122.225.109.198/32 ! -i lo -j DROP
-A DENYOUT -d 185.31.160.158/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 190.210.142.142/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.218/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.211/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.208/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 1.93.33.2/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 108.178.56.14/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 202.165.179.126/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 60.190.71.52/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 148.251.20.110/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 65.126.16.92/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.102/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.214/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 116.10.191.182/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 115.238.111.214/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.147.101.110/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 120.209.139.184/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 194.58.88.96/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 79.120.178.197/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 116.10.191.236/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.167.49.135/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 116.10.191.177/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 144.0.0.65/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.4.83.186/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 192.3.160.77/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.217/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 37.58.99.154/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 115.112.206.171/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 144.0.0.61/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.194/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 60.173.10.95/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.207/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 218.24.113.2/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.133.211.118/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 187.237.132.226/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 116.10.191.183/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.114/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 144.0.0.48/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.100/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 47.68.203.61/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 144.0.0.70/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 113.107.233.165/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 42.62.17.250/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 103.20.148.157/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 189.203.240.50/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 1.93.34.213/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 192.69.94.98/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 80.241.46.147/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 203.147.88.202/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 144.0.0.49/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.101/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.237/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.239/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.241/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.238/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.242/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.244/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.245/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.246/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.240/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.243/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.36/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 115.239.248.121/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 220.177.198.40/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 220.177.198.38/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 115.239.248.122/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 220.177.198.24/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 115.239.248.57/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 115.239.248.50/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 115.239.248.51/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 117.21.191.209/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 115.239.248.90/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 220.177.198.93/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 151.237.190.123/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 200.75.106.70/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 176.102.37.57/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.117/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 117.41.182.252/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 69.16.238.6/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 111.74.238.237/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 111.74.238.152/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 111.74.238.151/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.122/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 111.74.239.35/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 202.109.143.18/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 111.74.239.197/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.117/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 202.109.143.5/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 202.109.143.16/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 202.109.143.42/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 202.109.143.53/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 202.109.143.89/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.121/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 202.109.143.56/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 115.239.248.85/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.118/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.119/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.123/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 202.109.143.95/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.115/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 111.74.238.125/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.58.205/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.187.221.152/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.50.229/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.221/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.116/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.174.50.213/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 111.74.238.124/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.34.114/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 176.42.4.149/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.156.8.189/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.195/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 60.173.10.205/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.118/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 219.138.135.56/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.58.241/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 117.21.173.177/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 117.21.173.179/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.58.242/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.51.150/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.58.10/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.50.61/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.187.220.246/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 218.30.22.119/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 171.35.103.5/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 203.110.169.43/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 82.146.55.80/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 193.107.17.72/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.199/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 117.110.25.97/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.183.1.8/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.196/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.52.160/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 103.27.127.50/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 217.199.227.206/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.174.51.215/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.167.49.139/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 123.30.214.137/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.206/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 194.168.100.36/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.216/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 221.6.233.62/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 212.129.56.29/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 109.169.41.164/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.200/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 60.173.11.108/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 189.203.240.71/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.226.140.158/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.174.51.230/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 117.21.173.175/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.174.51.212/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.174.51.227/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 58.18.172.171/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 213.229.113.27/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.197/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 60.173.11.104/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 218.2.0.132/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 218.6.19.50/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 88.150.239.4/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 60.173.26.163/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.174.51.211/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.174.51.229/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 144.0.0.35/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.174.51.232/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 95.110.224.185/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 50.56.193.15/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 31.199.3.187/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 37.9.53.91/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.110/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 144.0.0.51/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 60.173.10.69/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 115.248.176.229/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.113/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 91.183.69.99/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.219.187.9/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 118.244.159.214/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 119.188.7.201/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 123.157.150.57/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 212.7.212.23/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.222/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.174.50.216/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 144.0.0.59/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 190.196.209.41/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.174.51.234/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 23.102.130.171/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.174.50.184/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 112.199.117.198/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 31.181.181.120/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 210.14.69.244/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.228.207.76/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.98/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 222.186.52.3/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 218.2.0.125/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 92.44.212.179/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 75.148.216.82/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 219.148.196.154/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.109/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.202/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 211.154.213.117/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.225.109.198/32 ! -o lo -j LOGDROPOUT
-A fail2ban-ssh-ddos -j RETURN
COMMIT
# Completed on Tue Sep 23 15:54:31 2014
Tue, 09/23/2014 - 10:23 (Reply to #4)
lex

And here's ip6tables-save: (I don't know why there's two versions running at the same time...)

# Generated by ip6tables-save v1.4.4 on Tue Sep 23 16:18:56 2014
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:ALLOWIN - [0:0]
:ALLOWOUT - [0:0]
:DENYIN - [0:0]
:DENYOUT - [0:0]
:INVALID - [0:0]
:INVDROP - [0:0]
:LOCALINPUT - [0:0]
:LOCALOUTPUT - [0:0]
:LOGDROPIN - [0:0]
:LOGDROPOUT - [0:0]
-A INPUT ! -i lo -j LOCALINPUT
-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -p tcp -j INVALID
-A INPUT ! -i lo -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 143 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 465 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 587 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 993 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 995 -j ACCEPT
-A INPUT ! -i lo -p udp -m state --state NEW -m udp --dport 20 -j ACCEPT
-A INPUT ! -i lo -p udp -m state --state NEW -m udp --dport 21 -j ACCEPT
-A INPUT ! -i lo -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
-A INPUT ! -i lo -p ipv6-icmp -j ACCEPT
-A INPUT ! -i lo -j LOGDROPIN
-A OUTPUT ! -o lo -j LOCALOUTPUT
-A OUTPUT ! -o lo -p tcp -m tcp --dport 53 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m tcp --sport 53 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m udp --sport 53 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT ! -o lo -p tcp -j INVALID
-A OUTPUT ! -o lo -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 113 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 20 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 21 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 113 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 123 -j ACCEPT
-A OUTPUT ! -o lo -p ipv6-icmp -j ACCEPT
-A OUTPUT ! -o lo -j LOGDROPOUT
-A INVALID -m state --state INVALID -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags FIN,ACK FIN -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags PSH,ACK PSH -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags ACK,URG URG -j INVDROP
-A INVALID -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j INVDROP
-A INVDROP -j DROP
-A LOCALINPUT ! -i lo -j ALLOWIN
-A LOCALINPUT ! -i lo -j DENYIN
-A LOCALOUTPUT ! -o lo -j ALLOWOUT
-A LOCALOUTPUT ! -o lo -j DENYOUT
-A LOGDROPIN -p tcp -m tcp --dport 67 -j DROP
-A LOGDROPIN -p udp -m udp --dport 67 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 68 -j DROP
-A LOGDROPIN -p udp -m udp --dport 68 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 111 -j DROP
-A LOGDROPIN -p udp -m udp --dport 111 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 113 -j DROP
-A LOGDROPIN -p udp -m udp --dport 113 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 135:139 -j DROP
-A LOGDROPIN -p udp -m udp --dport 135:139 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 445 -j DROP
-A LOGDROPIN -p udp -m udp --dport 445 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 500 -j DROP
-A LOGDROPIN -p udp -m udp --dport 500 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 513 -j DROP
-A LOGDROPIN -p udp -m udp --dport 513 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 520 -j DROP
-A LOGDROPIN -p udp -m udp --dport 520 -j DROP
-A LOGDROPIN -p tcp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *TCP6IN Blocked* "
-A LOGDROPIN -p udp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *UDP6IN Blocked* "
-A LOGDROPIN -p ipv6-icmp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *ICMP6IN Blocked* "
-A LOGDROPIN -j DROP
-A LOGDROPOUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 30/min -j LOG --log-prefix "Firewall: *TCP6OUT Blocked* " --log-uid
-A LOGDROPOUT -p udp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *UDP6OUT Blocked* " --log-uid
-A LOGDROPOUT -p ipv6-icmp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *ICMP6OUT Blocked* " --log-uid
-A LOGDROPOUT -j DROP
COMMIT
# Completed on Tue Sep 23 16:18:56 2014
Tue, 09/23/2014 - 15:38
andreychek

Howdy,

Well, the output of "iptables -L" is the only thing that would matter, as that shows what is active. Rules can be active without necessarily being listed in the iptables save file.

Do you see any related errors in your log files? Normally, you'll see a notification when the firewall drops packets.

Also, when logged into your server over SSH, can you telnet to port 80?

Lastly, what is the output of "/sbin/ifconfig"? You can hide part of your IP addresses if you want, but make sure the first two numbers are still listed, if possible.

-Eric

Thu, 10/02/2014 - 08:19
lex

Thanks Eric!

About checking the logs, I know this will sound stupid, but I don't know where and what to look for really... Somebody suggested writing a script that would try to connect to another server, and thus producing a lot of log file entries so it'd be easier to spot where the problem is...

Anyway, here's what you asked:

telnet:

telnet checkip.dyndns.org 80
Trying 216.146.43.70...
Trying 91.198.22.70...
Trying 216.146.38.70...
Trying 216.146.39.70...
telnet: Unable to connect to remote host: Connection timed out

ifconfig:

eth0      Link encap:Ethernet  HWaddr 00:19:99:59:cd:ab 
          inet addr:88.208.193.145  Bcast:88.208.195.255  Mask:255.255.252.0
          inet6 addr: fe80::219:99ff:fe59:cdab/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:155289496 errors:0 dropped:0 overruns:0 frame:0
          TX packets:195464199 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:30547529182 (30.5 GB)  TX bytes:186898372368 (186.8 GB)
          Memory:fc400000-fc420000

eth0:1    Link encap:Ethernet  HWaddr 00:19:99:59:cd:ab 
          inet addr:88.208.193.146  Bcast:88.208.195.255  Mask:255.255.252.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:fc400000-fc420000

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:39832613 errors:0 dropped:0 overruns:0 frame:0
          TX packets:39832613 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:5586105785 (5.5 GB)  TX bytes:5586105785 (5.5 GB)

iptables -L:

Chain INPUT (policy DROP)
target     prot opt source               destination        
fail2ban-ssh-ddos  tcp  --  anywhere             anywhere            multiport dports ssh
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:20000
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:webmin
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:20000
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:webmin
ACCEPT     all  --  anywhere             anywhere           
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh state NEW
ACCEPT     udp  --  213.171.217.173      anywhere            udp dpt:snmp state NEW
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www state NEW
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https state NEW
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain state NEW
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain state NEW
ACCEPT     udp  --  anywhere             anywhere            udp dpt:tftp state NEW
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:69 state NEW
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp state NEW
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3 state NEW
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:imap2 state NEW
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ntp state NEW
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp-data state NEW
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp state NEW
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:mysql state NEW
ACCEPT     udp  --  anywhere             anywhere            udp dpt:mysql state NEW
DROP       all  --  anywhere             anywhere           

Chain FORWARD (policy DROP)
target     prot opt source               destination        

Chain OUTPUT (policy DROP)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere           
ACCEPT     all  --  anywhere             anywhere            state NEW,RELATED,ESTABLISHED

Chain ALLOWIN (0 references)
target     prot opt source               destination        

Chain ALLOWOUT (0 references)
target     prot opt source               destination        

Chain DENYIN (0 references)
target     prot opt source               destination        
DROP       all  --  222.186.34.122       anywhere           
DROP       all  --  111.74.239.35        anywhere           
DROP       all  --  202.109.143.18       anywhere           
DROP       all  --  111.74.239.197       anywhere           
DROP       all  --  222.186.34.117       anywhere           
DROP       all  --  202.109.143.5        anywhere           
DROP       all  --  202.109.143.16       anywhere           
DROP       all  --  202.109.143.42       anywhere           
DROP       all  --  202.109.143.53       anywhere           
DROP       all  --  202.109.143.89       anywhere           
DROP       all  --  222.186.34.121       anywhere           
DROP       all  --  202.109.143.56       anywhere           
DROP       all  --  115.239.248.85       anywhere           
DROP       all  --  222.186.34.118       anywhere           
DROP       all  --  222.186.34.119       anywhere           
DROP       all  --  222.186.34.123       anywhere           
DROP       all  --  202.109.143.95       anywhere           
DROP       all  --  222.186.34.115       anywhere           
DROP       all  --  111.74.238.125       anywhere           
DROP       all  --  222.186.58.205       anywhere           
DROP       all  --  222.187.221.152      anywhere           
DROP       all  --  222.186.50.229       anywhere           
DROP       all  --  122.225.109.221      anywhere           
DROP       all  --  222.186.34.116       anywhere           
DROP       all  --  213.50.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  111.74.238.124       anywhere           
DROP       all  --  222.186.34.114       anywhere           
DROP       all  --  host-176-42-4-149.reverse.superonline.net  anywhere           
DROP       all  --  61.156.8.189         anywhere           
DROP       all  --  122.225.109.195      anywhere           
DROP       all  --  60.173.10.205        anywhere           
DROP       all  --  122.225.109.118      anywhere           
DROP       all  --  219.138.135.56       anywhere           
DROP       all  --  222.186.58.241       anywhere           
DROP       all  --  117.21.173.177       anywhere           
DROP       all  --  117.21.173.179       anywhere           
DROP       all  --  222.186.58.242       anywhere           
DROP       all  --  222.186.51.150       anywhere           
DROP       all  --  222.186.58.10        anywhere           
DROP       all  --  222.186.50.61        anywhere           
DROP       all  --  222.187.220.246      anywhere           
DROP       all  --  218.30.22.119        anywhere           
DROP       all  --  5.103.35.171.adsl-pool.jx.chinaunicom.com  anywhere           
DROP       all  --  43.169.110.203.in-addr.arpa  anywhere           
DROP       all  --  cirsfera.ru          anywhere           
DROP       all  --  193.107.17.72        anywhere           
DROP       all  --  122.225.109.199      anywhere           
DROP       all  --  117.110.25.97        anywhere           
DROP       all  --  61.183.1.8           anywhere           
DROP       all  --  122.225.109.196      anywhere           
DROP       all  --  222.186.52.160       anywhere           
DROP       all  --  103-27-127-50.sunnyvision.com  anywhere           
DROP       all  --  217.199.227.206      anywhere           
DROP       all  --  215.51.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  61.167.49.139        anywhere           
DROP       all  --  static.vdc.vn        anywhere           
DROP       all  --  122.225.109.206      anywhere           
DROP       all  --  36.100-168-194.static.virginmediabusiness.co.uk  anywhere           
DROP       all  --  122.225.109.216      anywhere           
DROP       all  --  221.6.233.62         anywhere           
DROP       all  --  212-129-56-29.rev.poneytelecom.eu  anywhere           
DROP       all  --  109.169.41.164       anywhere           
DROP       all  --  122.225.109.200      anywhere           
DROP       all  --  60.173.11.108        anywhere           
DROP       all  --  fixed-203-240-71.iusacell.net  anywhere           
DROP       all  --  122.226.140.158      anywhere           
DROP       all  --  230.51.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  117.21.173.175       anywhere           
DROP       all  --  212.51.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  227.51.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  58.18.172.171        anywhere           
DROP       all  --  .                    anywhere           
DROP       all  --  122.225.109.197      anywhere           
DROP       all  --  60.173.11.104        anywhere           
DROP       all  --  218.2.0.132          anywhere           
DROP       all  --  218.6.19.50          anywhere           
DROP       all  --  h88-150-239-4.host.redstation.co.uk  anywhere           
DROP       all  --  60.173.26.163        anywhere           
DROP       all  --  211.51.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  229.51.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  144.0.0.35           anywhere           
DROP       all  --  232.51.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  host185-224-110-95.serverdedicati.aruba.it  anywhere           
DROP       all  --  50-56-193-15.static.cloud-ips.com  anywhere           
DROP       all  --  host187-3-static.199-31-b.business.telecomitalia.it  anywhere           
DROP       all  --  37.9.53.91           anywhere           
DROP       all  --  122.225.109.110      anywhere           
DROP       all  --  144.0.0.51           anywhere           
DROP       all  --  60.173.10.69         anywhere           
DROP       all  --  115.248.176.229      anywhere           
DROP       all  --  122.225.109.113      anywhere           
DROP       all  --  99.69-183-91.adsl-static.isp.belgacom.be  anywhere           
DROP       all  --  222.219.187.9        anywhere           
DROP       all  --  118.244.159.214      anywhere           
DROP       all  --  119.188.7.201        anywhere           
DROP       all  --  123.157.150.57       anywhere           
DROP       all  --  steel.fibrenetworks.org  anywhere           
DROP       all  --  122.225.109.222      anywhere           
DROP       all  --  216.50.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  144.0.0.59           anywhere           
DROP       all  --  41.209.196.190.orbyta.com.in-addr.arpa  anywhere           
DROP       all  --  234.51.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  23.102.130.171       anywhere           
DROP       all  --  184.50.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  198.117.199.112.clbrz.inet.eastern-tele.com  anywhere           
DROP       all  --  31.181.181.120       anywhere           
DROP       all  --  210.14.69.244        anywhere           
DROP       all  --  122.228.207.76       anywhere           
DROP       all  --  122.225.109.98       anywhere           
DROP       all  --  222.186.52.3         anywhere           
DROP       all  --  218.2.0.125          anywhere           
DROP       all  --  host-92-44-212-179.reverse.superonline.net  anywhere           
DROP       all  --  75-148-216-82-Houston.hfc.comcastbusiness.net  anywhere           
DROP       all  --  219.148.196.154      anywhere           
DROP       all  --  122.225.109.109      anywhere           
DROP       all  --  122.225.109.202      anywhere           
DROP       all  --  211.154.213.117      anywhere           
DROP       all  --  122.225.109.198      anywhere           
DROP       all  --  122.225.109.209      anywhere           
DROP       all  --  122.225.109.203      anywhere           
DROP       all  --  122.225.109.219      anywhere           
DROP       all  --  144.0.0.66           anywhere           
DROP       all  --  82.221.102.179       anywhere           
DROP       all  --  82.221.109.194       anywhere           
DROP       all  --  1.93.29.130          anywhere           
DROP       all  --  117.27.152.26        anywhere           
DROP       all  --  226.51.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  222.191.249.132      anywhere           
DROP       all  --  193.104.41.202       anywhere           
DROP       all  --  193.104.41.10        anywhere           
DROP       all  --  fixed-203-240-24.iusacell.net  anywhere           
DROP       all  --  91.240.163.39        anywhere           
DROP       all  --  144.0.0.54           anywhere           
DROP       all  --  187-40-80-102.user.veloxzone.com.br  anywhere           
DROP       all  --  usloft1168.serverprofi24.com  anywhere           
DROP       all  --  122.225.109.104      anywhere           
DROP       all  --  202.165.179.126      anywhere           
DROP       all  --  212-83-150-74.rev.poneytelecom.eu  anywhere           
DROP       all  --  183.224.42.11        anywhere           
DROP       all  --  31.181.230.201       anywhere           
DROP       all  --  122.225.109.108      anywhere           
DROP       all  --  218.2.0.133          anywhere           
DROP       all  --  182.140.141.26       anywhere           
DROP       all  --  122.225.109.106      anywhere           
DROP       all  --  122.225.109.217      anywhere           
DROP       all  --  233.51.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  119.82.99.3.reverse.spectranet.in  anywhere           
DROP       all  --  228.51.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  31.181.134.100       anywhere           
DROP       all  --  214.51.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  122.225.103.118      anywhere           
DROP       all  --  202.129.16.27        anywhere           
DROP       all  --  corp-200-105-232-100-uio.punto.net.ec  anywhere           
DROP       all  --  fixed-203-240-34.iusacell.net  anywhere           
DROP       all  --  135.109.214.105      anywhere           
DROP       all  --  235.50.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  61.143.236.193       anywhere           
DROP       all  --  144.0.0.33           anywhere           
DROP       all  --  122.225.109.100      anywhere           
DROP       all  --  222.122.30.51        anywhere           
DROP       all  --  212-129-11-247.rev.poneytelecom.eu  anywhere           
DROP       all  --  172.50.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  123.125.219.130      anywhere           
DROP       all  --  76.72.171.166        anywhere           
DROP       all  --  231.51.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  60.173.10.67         anywhere           
DROP       all  --  195-154-12-58.rev.poneytelecom.eu  anywhere           
DROP       all  --  123.127.36.162       anywhere           
DROP       all  --  vps72110737.123-vps.co.uk  anywhere           
DROP       all  --  122.225.109.215      anywhere           
DROP       all  --  122.225.109.214      anywhere           
DROP       all  --  fixed-203-240-96.iusacell.net  anywhere           
DROP       all  --  178.208.132.196      anywhere           
DROP       all  --  122.225.109.208      anywhere           
DROP       all  --  65.55.41.7           anywhere           
DROP       all  --  static-103-241-144-197.ctrls.in  anywhere           
DROP       all  --  122.225.109.121      anywhere           
DROP       all  --  183.57.57.159        anywhere           
DROP       all  --  249.50.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  222.186.26.251       anywhere           
DROP       all  --  ip223.hichina.com    anywhere           
DROP       all  --  u16534395.onlinehome-server.com  anywhere           
DROP       all  --  122.225.109.207      anywhere           
DROP       all  --  42.62.17.250         anywhere           
DROP       all  --  225.50.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  122.225.109.212      anywhere           
DROP       all  --  122.225.109.111      anywhere           
DROP       all  --  222.186.59.63        anywhere           
DROP       all  --  122.225.109.112      anywhere           
DROP       all  --  cs3.oxxus.net        anywhere           
DROP       all  --  35.243.143.211.static.sz.js.chinamobile.com  anywhere           
DROP       all  --  36.84.241.188        anywhere           
DROP       all  --  211.138.30.174       anywhere           
DROP       all  --  112.21.198.28        anywhere           
DROP       all  --  212-83-176-8.rev.poneytelecom.eu  anywhere           
DROP       all  --  144.0.0.29           anywhere           
DROP       all  --  149.50.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           
DROP       all  --  230.224.148.210.rev.iijgio.jp  anywhere           
DROP       all  --  117.27.158.104       anywhere           
DROP       all  --  224.50.174.61.dial.wz.zj.dynamic.163data.com.cn  anywhere           

Chain DENYOUT (0 references)
target     prot opt source               destination        
LOGDROPOUT  all  --  anywhere             222.186.34.122     
LOGDROPOUT  all  --  anywhere             111.74.239.35      
LOGDROPOUT  all  --  anywhere             202.109.143.18     
LOGDROPOUT  all  --  anywhere             111.74.239.197     
LOGDROPOUT  all  --  anywhere             222.186.34.117     
LOGDROPOUT  all  --  anywhere             202.109.143.5      
LOGDROPOUT  all  --  anywhere             202.109.143.16     
LOGDROPOUT  all  --  anywhere             202.109.143.42     
LOGDROPOUT  all  --  anywhere             202.109.143.53     
LOGDROPOUT  all  --  anywhere             202.109.143.89     
LOGDROPOUT  all  --  anywhere             222.186.34.121     
LOGDROPOUT  all  --  anywhere             202.109.143.56     
LOGDROPOUT  all  --  anywhere             115.239.248.85     
LOGDROPOUT  all  --  anywhere             222.186.34.118     
LOGDROPOUT  all  --  anywhere             222.186.34.119     
LOGDROPOUT  all  --  anywhere             222.186.34.123     
LOGDROPOUT  all  --  anywhere             202.109.143.95     
LOGDROPOUT  all  --  anywhere             222.186.34.115     
LOGDROPOUT  all  --  anywhere             111.74.238.125     
LOGDROPOUT  all  --  anywhere             222.186.58.205     
LOGDROPOUT  all  --  anywhere             222.187.221.152    
LOGDROPOUT  all  --  anywhere             222.186.50.229     
LOGDROPOUT  all  --  anywhere             122.225.109.221    
LOGDROPOUT  all  --  anywhere             222.186.34.116     
LOGDROPOUT  all  --  anywhere             213.50.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             111.74.238.124     
LOGDROPOUT  all  --  anywhere             222.186.34.114     
LOGDROPOUT  all  --  anywhere             host-176-42-4-149.reverse.superonline.net
LOGDROPOUT  all  --  anywhere             61.156.8.189       
LOGDROPOUT  all  --  anywhere             122.225.109.195    
LOGDROPOUT  all  --  anywhere             60.173.10.205      
LOGDROPOUT  all  --  anywhere             122.225.109.118    
LOGDROPOUT  all  --  anywhere             219.138.135.56     
LOGDROPOUT  all  --  anywhere             222.186.58.241     
LOGDROPOUT  all  --  anywhere             117.21.173.177     
LOGDROPOUT  all  --  anywhere             117.21.173.179     
LOGDROPOUT  all  --  anywhere             222.186.58.242     
LOGDROPOUT  all  --  anywhere             222.186.51.150     
LOGDROPOUT  all  --  anywhere             222.186.58.10      
LOGDROPOUT  all  --  anywhere             222.186.50.61      
LOGDROPOUT  all  --  anywhere             222.187.220.246    
LOGDROPOUT  all  --  anywhere             218.30.22.119      
LOGDROPOUT  all  --  anywhere             5.103.35.171.adsl-pool.jx.chinaunicom.com
LOGDROPOUT  all  --  anywhere             43.169.110.203.in-addr.arpa
LOGDROPOUT  all  --  anywhere             cirsfera.ru        
LOGDROPOUT  all  --  anywhere             193.107.17.72      
LOGDROPOUT  all  --  anywhere             122.225.109.199    
LOGDROPOUT  all  --  anywhere             117.110.25.97      
LOGDROPOUT  all  --  anywhere             61.183.1.8         
LOGDROPOUT  all  --  anywhere             122.225.109.196    
LOGDROPOUT  all  --  anywhere             222.186.52.160     
LOGDROPOUT  all  --  anywhere             103-27-127-50.sunnyvision.com
LOGDROPOUT  all  --  anywhere             217.199.227.206    
LOGDROPOUT  all  --  anywhere             215.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             61.167.49.139      
LOGDROPOUT  all  --  anywhere             static.vdc.vn      
LOGDROPOUT  all  --  anywhere             122.225.109.206    
LOGDROPOUT  all  --  anywhere             36.100-168-194.static.virginmediabusiness.co.uk
LOGDROPOUT  all  --  anywhere             122.225.109.216    
LOGDROPOUT  all  --  anywhere             221.6.233.62       
LOGDROPOUT  all  --  anywhere             212-129-56-29.rev.poneytelecom.eu
LOGDROPOUT  all  --  anywhere             109.169.41.164     
LOGDROPOUT  all  --  anywhere             122.225.109.200    
LOGDROPOUT  all  --  anywhere             60.173.11.108      
LOGDROPOUT  all  --  anywhere             fixed-203-240-71.iusacell.net
LOGDROPOUT  all  --  anywhere             122.226.140.158    
LOGDROPOUT  all  --  anywhere             230.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             117.21.173.175     
LOGDROPOUT  all  --  anywhere             212.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             227.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             58.18.172.171      
LOGDROPOUT  all  --  anywhere             .                  
LOGDROPOUT  all  --  anywhere             122.225.109.197    
LOGDROPOUT  all  --  anywhere             60.173.11.104      
LOGDROPOUT  all  --  anywhere             218.2.0.132        
LOGDROPOUT  all  --  anywhere             218.6.19.50        
LOGDROPOUT  all  --  anywhere             h88-150-239-4.host.redstation.co.uk
LOGDROPOUT  all  --  anywhere             60.173.26.163      
LOGDROPOUT  all  --  anywhere             211.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             229.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             144.0.0.35         
LOGDROPOUT  all  --  anywhere             232.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             host185-224-110-95.serverdedicati.aruba.it
LOGDROPOUT  all  --  anywhere             50-56-193-15.static.cloud-ips.com
LOGDROPOUT  all  --  anywhere             host187-3-static.199-31-b.business.telecomitalia.it
LOGDROPOUT  all  --  anywhere             37.9.53.91         
LOGDROPOUT  all  --  anywhere             122.225.109.110    
LOGDROPOUT  all  --  anywhere             144.0.0.51         
LOGDROPOUT  all  --  anywhere             60.173.10.69       
LOGDROPOUT  all  --  anywhere             115.248.176.229    
LOGDROPOUT  all  --  anywhere             122.225.109.113    
LOGDROPOUT  all  --  anywhere             99.69-183-91.adsl-static.isp.belgacom.be
LOGDROPOUT  all  --  anywhere             222.219.187.9      
LOGDROPOUT  all  --  anywhere             118.244.159.214    
LOGDROPOUT  all  --  anywhere             119.188.7.201      
LOGDROPOUT  all  --  anywhere             123.157.150.57     
LOGDROPOUT  all  --  anywhere             steel.fibrenetworks.org
LOGDROPOUT  all  --  anywhere             122.225.109.222    
LOGDROPOUT  all  --  anywhere             216.50.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             144.0.0.59         
LOGDROPOUT  all  --  anywhere             41.209.196.190.orbyta.com.in-addr.arpa
LOGDROPOUT  all  --  anywhere             234.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             23.102.130.171     
LOGDROPOUT  all  --  anywhere             184.50.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             198.117.199.112.clbrz.inet.eastern-tele.com
LOGDROPOUT  all  --  anywhere             31.181.181.120     
LOGDROPOUT  all  --  anywhere             210.14.69.244      
LOGDROPOUT  all  --  anywhere             122.228.207.76     
LOGDROPOUT  all  --  anywhere             122.225.109.98     
LOGDROPOUT  all  --  anywhere             222.186.52.3       
LOGDROPOUT  all  --  anywhere             218.2.0.125        
LOGDROPOUT  all  --  anywhere             host-92-44-212-179.reverse.superonline.net
LOGDROPOUT  all  --  anywhere             75-148-216-82-Houston.hfc.comcastbusiness.net
LOGDROPOUT  all  --  anywhere             219.148.196.154    
LOGDROPOUT  all  --  anywhere             122.225.109.109    
LOGDROPOUT  all  --  anywhere             122.225.109.202    
LOGDROPOUT  all  --  anywhere             211.154.213.117    
LOGDROPOUT  all  --  anywhere             122.225.109.198    
LOGDROPOUT  all  --  anywhere             122.225.109.209    
LOGDROPOUT  all  --  anywhere             122.225.109.203    
LOGDROPOUT  all  --  anywhere             122.225.109.219    
LOGDROPOUT  all  --  anywhere             144.0.0.66         
LOGDROPOUT  all  --  anywhere             82.221.102.179     
LOGDROPOUT  all  --  anywhere             82.221.109.194     
LOGDROPOUT  all  --  anywhere             1.93.29.130        
LOGDROPOUT  all  --  anywhere             117.27.152.26      
LOGDROPOUT  all  --  anywhere             226.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             222.191.249.132    
LOGDROPOUT  all  --  anywhere             193.104.41.202     
LOGDROPOUT  all  --  anywhere             193.104.41.10      
LOGDROPOUT  all  --  anywhere             fixed-203-240-24.iusacell.net
LOGDROPOUT  all  --  anywhere             91.240.163.39      
LOGDROPOUT  all  --  anywhere             144.0.0.54         
LOGDROPOUT  all  --  anywhere             187-40-80-102.user.veloxzone.com.br
LOGDROPOUT  all  --  anywhere             usloft1168.serverprofi24.com
LOGDROPOUT  all  --  anywhere             122.225.109.104    
LOGDROPOUT  all  --  anywhere             202.165.179.126    
LOGDROPOUT  all  --  anywhere             212-83-150-74.rev.poneytelecom.eu
LOGDROPOUT  all  --  anywhere             183.224.42.11      
LOGDROPOUT  all  --  anywhere             31.181.230.201     
LOGDROPOUT  all  --  anywhere             122.225.109.108    
LOGDROPOUT  all  --  anywhere             218.2.0.133        
LOGDROPOUT  all  --  anywhere             182.140.141.26     
LOGDROPOUT  all  --  anywhere             122.225.109.106    
LOGDROPOUT  all  --  anywhere             122.225.109.217    
LOGDROPOUT  all  --  anywhere             233.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             119.82.99.3.reverse.spectranet.in
LOGDROPOUT  all  --  anywhere             228.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             31.181.134.100     
LOGDROPOUT  all  --  anywhere             214.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             122.225.103.118    
LOGDROPOUT  all  --  anywhere             202.129.16.27      
LOGDROPOUT  all  --  anywhere             corp-200-105-232-100-uio.punto.net.ec
LOGDROPOUT  all  --  anywhere             fixed-203-240-34.iusacell.net
LOGDROPOUT  all  --  anywhere             135.109.214.105    
LOGDROPOUT  all  --  anywhere             235.50.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             61.143.236.193     
LOGDROPOUT  all  --  anywhere             144.0.0.33         
LOGDROPOUT  all  --  anywhere             122.225.109.100    
LOGDROPOUT  all  --  anywhere             222.122.30.51      
LOGDROPOUT  all  --  anywhere             212-129-11-247.rev.poneytelecom.eu
LOGDROPOUT  all  --  anywhere             172.50.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             123.125.219.130    
LOGDROPOUT  all  --  anywhere             76.72.171.166      
LOGDROPOUT  all  --  anywhere             231.51.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             60.173.10.67       
LOGDROPOUT  all  --  anywhere             195-154-12-58.rev.poneytelecom.eu
LOGDROPOUT  all  --  anywhere             123.127.36.162     
LOGDROPOUT  all  --  anywhere             vps72110737.123-vps.co.uk
LOGDROPOUT  all  --  anywhere             122.225.109.215    
LOGDROPOUT  all  --  anywhere             122.225.109.214    
LOGDROPOUT  all  --  anywhere             fixed-203-240-96.iusacell.net
LOGDROPOUT  all  --  anywhere             178.208.132.196    
LOGDROPOUT  all  --  anywhere             122.225.109.208    
LOGDROPOUT  all  --  anywhere             65.55.41.7         
LOGDROPOUT  all  --  anywhere             static-103-241-144-197.ctrls.in
LOGDROPOUT  all  --  anywhere             122.225.109.121    
LOGDROPOUT  all  --  anywhere             183.57.57.159      
LOGDROPOUT  all  --  anywhere             249.50.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             222.186.26.251     
LOGDROPOUT  all  --  anywhere             ip223.hichina.com  
LOGDROPOUT  all  --  anywhere             u16534395.onlinehome-server.com
LOGDROPOUT  all  --  anywhere             122.225.109.207    
LOGDROPOUT  all  --  anywhere             42.62.17.250       
LOGDROPOUT  all  --  anywhere             225.50.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             122.225.109.212    
LOGDROPOUT  all  --  anywhere             122.225.109.111    
LOGDROPOUT  all  --  anywhere             222.186.59.63      
LOGDROPOUT  all  --  anywhere             122.225.109.112    
LOGDROPOUT  all  --  anywhere             cs3.oxxus.net      
LOGDROPOUT  all  --  anywhere             35.243.143.211.static.sz.js.chinamobile.com
LOGDROPOUT  all  --  anywhere             36.84.241.188      
LOGDROPOUT  all  --  anywhere             211.138.30.174     
LOGDROPOUT  all  --  anywhere             112.21.198.28      
LOGDROPOUT  all  --  anywhere             212-83-176-8.rev.poneytelecom.eu
LOGDROPOUT  all  --  anywhere             144.0.0.29         
LOGDROPOUT  all  --  anywhere             149.50.174.61.dial.wz.zj.dynamic.163data.com.cn
LOGDROPOUT  all  --  anywhere             230.224.148.210.rev.iijgio.jp
LOGDROPOUT  all  --  anywhere             117.27.158.104     
LOGDROPOUT  all  --  anywhere             224.50.174.61.dial.wz.zj.dynamic.163data.com.cn

Chain INVALID (0 references)
target     prot opt source               destination        

Chain INVDROP (0 references)
target     prot opt source               destination        

Chain LOCALINPUT (0 references)
target     prot opt source               destination        

Chain LOCALOUTPUT (0 references)
target     prot opt source               destination        

Chain LOGDROPIN (0 references)
target     prot opt source               destination        

Chain LOGDROPOUT (200 references)
target     prot opt source               destination        

Chain fail2ban-ssh-ddos (1 references)
target     prot opt source               destination        
RETURN     all  --  anywhere             anywhere           
Sun, 10/05/2014 - 12:30
lex

Hi, does this help or would you prefer to get more data from me? Thanks!

Mon, 10/06/2014 - 09:08
andreychek

Howdy,

The log files that firewall logging would show up in differs depending on your distro... but it'll usually show up if you were to run "dmesg", and look at the tail end of that output.

On CentOS, I'm not entirely certain which it is -- it's likely either /var/log/messages or /var/log/secure.

That might be a good place to start. It's difficult to rule out the firewall, as there's quite a few rules there, though I don't see any that would obviously be causing a problem.

You could also try disabling the firewall altogether, though hopefully reviewing the logs would help as well.

-Eric

Tue, 10/07/2014 - 07:40
lex

Ok thanks Eric, I'll start with checking the log files (I'm on Ubuntu)

Saludos!

Wed, 10/08/2014 - 07:33
lex

Doesn't help much, does it?

[Tue Oct 07 23:31:42 2014] [error] [client 88.20.123.52] PHP Warning:  fopen(http://www.ktools.net/webmgr/push.updatecheck.php?product=ps&version=4.5.4&builddate=2014.04.08): failed to open stream: Connection timed out in /home/peng/public_html/manager/widgets/updater/panel.php on line 145, referer: http://www.photosgrancanaria.com/manager/mgr.welcome.php?ep=1
[Tue Oct 07 23:31:42 2014] [error] [client 88.20.123.52] PHP Warning:  stream_set_timeout() expects parameter 1 to be resource, boolean given in /home/peng/public_html/manager/widgets/updater/panel.php on line 147, referer: http://www.photosgrancanaria.com/manager/mgr.welcome.php?ep=1
[Tue Oct 07 23:31:42 2014] [error] [client 88.20.123.52] PHP Warning:  stream_set_blocking() expects parameter 1 to be resource, boolean given in /home/peng/public_html/manager/widgets/updater/panel.php on line 148, referer: http://www.photosgrancanaria.com/manager/mgr.welcome.php?ep=1
[Tue Oct 07 23:31:45 2014] [error] [client 88.20.123.52] PHP Warning:  fopen(http://www.ktools.net/webmgr/push.news.php?product=&version=&builddate=): failed to open stream: Connection timed out in /home/peng/public_html/manager/widgets/knews/panel.php on line 118, referer: http://www.photosgrancanaria.com/manager/mgr.welcome.php?ep=1
[Tue Oct 07 23:31:45 2014] [error] [client 88.20.123.52] PHP Warning:  stream_set_timeout() expects parameter 1 to be resource, boolean given in /home/peng/public_html/manager/widgets/knews/panel.php on line 120, referer: http://www.photosgrancanaria.com/manager/mgr.welcome.php?ep=1
[Tue Oct 07 23:31:45 2014] [error] [client 88.20.123.52] PHP Warning:  stream_set_blocking() expects parameter 1 to be resource, boolean given in /home/peng/public_html/manager/widgets/knews/panel.php on line 121, referer: http://www.photosgrancanaria.com/manager/mgr.welcome.php?ep=1
Sun, 10/12/2014 - 12:19
lex

here's the dmesg output, hope it helps...

Wed, 10/15/2014 - 05:29
lex

Any suggestions for a next step? Thanks!

Wed, 10/15/2014 - 09:50
andreychek

Howdy,

Yeah, unfortunately, I'm not seeing much there in dmesg or the logs... were you able to disable the firewall altogether, temporarily?

The firewall is still my best guess as to what might cause what you're seeing, since it doesn't look like you're behind a NAT router.

-Eric

Tue, 11/11/2014 - 14:37
lex

Hi Eric, and thanks for all the suggestions. Finding it terribly difficult to do all this. I'll see if I can find a way to disable iptables withtout messing everything up (more).

How do I know if there's another firewall than iptables running that maybe should be 'disabled' as well? Is there an easy way to find out?

Thanks, lex

Tue, 11/11/2014 - 15:30
andreychek

Howdy,

Well, your server appears to be using some kind of tool to configure the firewall. However, it appears to be adding it through iptables.

So if you simply disable iptables, that may be all you need to do.

However, if something continues to add firewalls after disabling iptables, you would need to look into what third party software had been enabled, as that doesn't occur automatically. If you run into that, you could always post the output of "ps auxw", and we could see if anything there stands out as the culprit.

-Eric

Topic locked