Fidonet Portal






From: Janis Kracht (1:261/38)
To: All
Date: Sat, 28.03.20 00:52
blocked or no more free nodes!
Hi Alan,

>I have recently put a website online with BBBS using bbbsd with http and https
> and am getting lines in my log like..

> Got HTTP from ???.???.???.???:?????, blocked or no more free nodes!
> Got raw from ???.???.???.???:?????, blocked or no more free nodes!

Both you and Jeff see this message, I think Jeff mentioned to me he sees it
often. I don't see it that often (who knows why, not as many idiots hitting my
servers?? ;) We both use iptables to ward off jerks, I'll show you the lines I
use for iptables at the end of this message.

>I have been running telnetd, rawd, ftpd and smtpd without issues. Once I added
> http and https to my bbbsd command line I've been seeing the above. After a
> time nothing responds anymore, not telnet, not raw and not ftp.

In the past when this did happen to bbbs over here, restarting the bbbsd daemon
helped. I generally kill the daemon and restart it about every two weeks just
out of habit. To clear the whatevers, if you know what I mean :)

> Needless to say that is just not going to work. :)

Understand. I checked my inet.log and don't see any connections from
???.???.etc.

>I'm not sure what the problem or solution might be. At the moment I have taken
> http and https off my command line to run the BBS servers but I would like to
> have the website available also.
> Anyone know why this happens or what I can do to make it work better?

The first thing I do after a reboot of the _system_ is iptables -F and iptables
-X to clean out the automatically installed iptables. Then after that I send
the following commands:

REM example: iptables -A INPUT -s IP-ADDRESS -j DROP
So I kill yandex.com and also semrush.com because they hit my system every day,
and often like this:

iptables -A OUTPUT -p tcp -m string --string "yandex.com" --algo kmp -j REJECT

Then I use a different line to stop idiots from smashing my HTTPD bbbs mailer
like this (two steps)
One:
sudo iptables -I INPUT -p tcp --dport 8090 -i eth0 -m state --state NEW -m recent --set

Two:
sudo iptables -I INPUT -p tcp --dport 8090 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 2 -j DROP

8090 is the port I have always used for BBBSD. You would change that to the
port you use for bbbsd.

Hope this helps :)

Take care,
Janis

--- BBBS/Li6 v4.10 Toy-4
* Origin: Prism bbs (1:261/38)
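
One way to see which sources are behind the "blocked or no more free nodes!" lines before writing DROP rules like the REM example above. This is an added example, not part of Janis's message or of BBBS: the function names are hypothetical, the sample lines are constructed, and the log layout ("from ADDR", optionally with ":PORT", then a comma) is an assumption based on the message quoted in the post.

```sh
#!/bin/sh
# Added example (not from the post or from BBBS): count which sources trigger
# bbbsd's "blocked or no more free nodes!" message, then print DROP rules in
# the form of the REM example for a human to review. Nothing is applied.

# Constructed sample lines using documentation addresses. Assumption: each
# line contains "from ADDR[:PORT]," as in the message quoted in the post.
sample_log() {
cat <<'EOF'
Got HTTP from 203.0.113.7:51512, blocked or no more free nodes!
Got raw from 203.0.113.7:51513, blocked or no more free nodes!
Got HTTP from 198.51.100.23:40211, blocked or no more free nodes!
Got HTTP from 203.0.113.7:51530, blocked or no more free nodes!
Got telnet from 192.0.2.55:39000
Got HTTP from 198.51.100.23:40219, blocked or no more free nodes!
Got HTTP from 203.0.113.7:51544, blocked or no more free nodes!
Got HTTP from 192.0.2.55:39004, blocked or no more free nodes!
EOF
}

# noisy_sources MIN: read log lines on stdin and print "COUNT ADDR" for every
# source refused at least MIN times, busiest first.
noisy_sources() {
    awk -v min="$1" '
        /blocked or no more free nodes!/ {
            src = ""
            for (i = 1; i < NF; i++)
                if ($i == "from") { src = $(i + 1); break }
            sub(/,$/, "", src)        # trailing comma
            sub(/:[0-9]+$/, "", src)  # optional :port
            # Only dotted-quad IPv4 may reach the generated rule line.
            if (src ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) seen[src]++
        }
        END { for (s in seen) if (seen[s] >= min) print seen[s], s }
    ' | sort -k1,1nr -k2,2
}

# drop_rules MIN: turn the tally into iptables commands, printed only.
drop_rules() {
    noisy_sources "$1" | while read -r _count addr; do
        echo "iptables -A INPUT -s $addr -j DROP"
    done
}

sample_log | drop_rules 3
```

Check the printed addresses against hosts you expect to connect before running any of the rules.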
