Answer the question
In order to leave comments, you need to log in
I
I
Ivan Gaidamakin2014-01-02 14:33:52
Ivan Gaidamakin, 2014-01-02 14:33:52
Hosted by Hetzner. What is the blocking problem?
Good afternoon. For the new year, a letter of happiness came from Hetzner.
But I just can’t understand the reason for the blocking, mb someone came across?
Dear Sir or Madam
We have noticed that you have been using other IPs from the same subnet in addition to the main IP mentioned in the above subject line.
As this is not permitted, we regret to inform you that your server has been deactivated.
Guidelines regarding further course of action may be found in our wiki: http://wiki.hetzner.de/index.php/Leitfaden_bei_Serversperrung/en.
Yours faithfully
Your Hetzner Support Team
20:49:14.872364 d4:3d:7e:ec:e2:c2 > 3c:94:d5:4a:fb:8f, ethertype IPv4
(0x0800), length 60: 10.0.0.23.50729 > 217.20.156.132.80: Flags [F.], seq
0, ack 1, win 16425, length 0
20:49:14.872459 d4:3d:7e:ec:e2:c2 > 3c:94:d5:4a:fb:8f, ethertype IPv4
(0x0800), length 60: 10.0.0.23.50726 > 217.20.156.132.80: Flags [F.], seq
0, ack 1, win 16425, length 0
20:49:14.881149 d4:3d:7e:ec:e2:c2 > 3c:94:d5:4a:fb:8f, ethertype IPv4
(0x0800), length 60: 10.0.0.23.50297 > 217.20.156.132.80: Flags [R.], seq
2228016857, ack 1564851716, win 0, length 0
20:49:14.881396 d4:3d:7e:ec:e2:c2 > 3c:94:d5:4a:fb:8f, ethertype IPv4
(0x0800), length 60: 10.0.0.23.50303 > 217.20.156.132.80: Flags [R.], seq
179571770, ack 445233117, win 0, length 0
20:49:14.881403 d4:3d:7e:ec:e2:c2 > 3c:94:d5:4a:fb:8f, ethertype IPv4
(0x0800), length 60: 10.0.0.23.50300 > 217.20.156.132.80: Flags [R.], seq
3448799132, ack 3894804724, win 0, length 0
20:49:14.881493 d4:3d:7e:ec:e2:c2 > 3c:94:d5:4a:fb:8f, ethertype IPv4
(0x0800), length 60: 10.0.0.23.50510 > 217.20.156.132.80: Flags [F.], seq
3610448658, ack 2043173748, win 16425, length 0
20:49:14.881543 d4:3d:7e:ec:e2:c2 > 3c:94:d5:4a:fb:8f, ethertype IPv4
(0x0800), length 60: 10.0.0.23.50520 > 217.20.156.132.80: Flags [F.], seq
3546042462, ack 3955384971, win 16425, length 0
20:49:14.923081 d4:3d:7e:ec:e2:c2 > 3c:94:d5:4a:fb:8f, ethertype IPv4
(0x0800), length 60: 10.0.0.23.50741 > 217.20.156.132.80: Flags [F.], seq
2960922356, ack 1201645409, win 16425, length 0
20:49:14.923429 d4:3d:7e:ec:e2:c2 > 3c:94:d5:4a:fb:8f, ethertype IPv4
(0x0800), length 60: 10.0.0.23.50733 > 217.20.156.132.80: Flags [F.], seq
927323144, ack 3955151748, win 16425, length 0
20:49:14.966261 d4:3d:7e:ec:e2:c2 > 3c:94:d5:4a:fb:8f, ethertype IPv4
(0x0800), length 60: 10.0.0.23.50734 > 217.20.156.132.80: Flags [F.], seq
2152588544, ack 3333123073, win 16415, length 0 4 answer(s)
@MeGaPk
@MeGaPk
I
Ilya Evseev, 2014-01-02 @MeGaPk
d4:3d:7e:ec:e2:c2 is a virtual machine poppy or dom0?
If virtual machines, then it was necessary to hang up private addresses not on the Management-interface, but to create a separate type "Single-Server Private Network".
The virtual machine began to spoil its requests across the bridge to the outside world (because the gateway was not configured for it), and Hetzner rightly did not like it.
If dom0, then it was necessary to enable NAT in dom0:
iptables -t nat -I POSTROUTING -s 10.0.0.0/8 '!' -d 10.0.0.0/8 -j MASQUERADE
I
Ivan Gaidamakin, 2014-01-02 @MeGaPk
the trick is this, I made a local adapter on the server like this:
ifconfig xenbr0:0 10.0.0.1 netmask 255.255.255.0 up
And through iptables I did traffic redirection like this:
-A PREROUTING -d EXT_IP -j DNAT --to-destination 10.0. 0.23
-A POSTROUTING -s 10.0.0.23 -j SNAT --to-source EXT_IP
and gave the virtual machine IP: 10.0.0.23.
Or does hetzner say that they tried to ddos from this IP?
Similar questions
A
A
P
S
H
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question