• blocked or no more free nodes!

    From Alan Ianson@1:153/757 to All on Thu Mar 26 11:46:48 2020
    Hello All,

    I have recently put a website online with BBBS using bbbsd with http and https and am getting lines in my log like..

    Got HTTP from ???.???.???.???:?????, blocked or no more free nodes! Got raw from ???.???.???.???:?????, blocked or no more free nodes!

    I have been running telnetd, rawd, ftpd and smtpd without issues. Once I added http and https to my bbbsd command line I've been seeing the above. After a time nothing responds anymore, not telnet, not raw and not ftp.

    Needless to say that is just not going to work. :)

    I'm not sure what the problem or solution might be. At the moment I have taken http and https off my command line to run the BBS servers but I would like to have the website available also.

    Anyone know why this happens or what I can do to make it work better?

    --- BBBS/Li6 v4.10 Toy-4
    * Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)
  • From Janis Kracht@1:261/38 to Alan Ianson on Sat Mar 28 00:57:14 2020
    Hi Alan,

    I have recently put a website online with BBBS using bbbsd with http and https
    and am getting lines in my log like..

    Got HTTP from ???.???.???.???:?????, blocked or no more free nodes! Got raw from ???.???.???.???:?????, blocked or no more free nodes!

    Both you and Jeff see this message, I think Jeff mentioned to me he sees it often. I don't see it that often (who knows why, not as many idiots hitting my servers??) We both use iptables to ward off jerks, I'll show you the lines I use for iptables at the end of this message.

    I have been running telnetd, rawd, ftpd and smtpd without issues. Once I added
    http and https to my bbbsd command line I've been seeing the above. After a time nothing responds anymore, not telnet, not raw and not ftp.

    In the past when this did happen to bbbs over here, restarting the bbbsd daemon helped. I generally kill the daemon and restart it about every two weeks just out of habit. To clear the whatevers, if you know what I mean :)

    Needless to say that is just not going to work. :)

    Understand. I checked my inet.log and don't see any connections from ???.???.etc.

    I'm not sure what the problem or solution might be. At the moment I have taken
    http and https off my command line to run the BBS servers but I would like to have the website available also.
    Anyone know why this happens or what I can do to make it work better?

    The first thing I do after a reboot of the _system_ is iptables -F and iptables -X to clean out the automatically installed iptables. Then after that I send the following commands:

    REM example: iptables -A INPUT -s IP-ADDRESS -j DROP
    So I kill yandex.com and also semrush.com because they hit my system every day, and often like this:

    iptables -A OUTPUT -p tcp -m string --string "yandex.com" --algo kmp -j REJECT

    Then I use a different line to stop idiots from smashing my HTTPD bbbs mailer like this (two steps)
    One:
    sudo iptables -I INPUT -p tcp --dport 8090 -i eth0 -m state --state NEW -m recent --set

    Two:
    sudo iptables -I INPUT -p tcp --dport 8090 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 2 -j DROP

    8090 is the port I have always used for BBBSD. You would change that to the port you use for bbbsd.

    Hope this helps :)

    Take care,
    Janis

    --- BBBS/Li6 v4.10 Toy-4
    * Origin: Prism bbs (1:261/38)