[mythtv-users] Re: atprms.net unreachable? (ip blocking)

Scott catfather at donpoo.net
Tue Jun 14 20:15:07 UTC 2005

On Jun 14, 2005, at 2:48 PM, Axel Thimm wrote:
> Disconnecting and reconnecting is OK, the script only checks for >= 20
> *concurrent* connections. If yum really behaves unproper, please use
> apt.

This is my first attempt at using atrpms.net so I'm not familiar with  
the history of the site. Is this ip blocking a recent site addition?  
Having seen your email about clearing all blocked ips, I ran "yum  
update" on my htpc FC4 box without doing any other activity that  
would have brought me to atrpms.net. (ie: I didn't browse it).

Yum appears to have made about 10-11 connections to your ip before it  
was blackholded. Attached is the entire output of the yum command.  
The command was run at about 15:40 so you can check your web server  
logs for my IP ( prior to it being blocked and count the  
number of connections made from yum (look for the yum user agent in  

> while /bin/true; do
> /bin/cp -a /etc/blockedhosts /etc/blockedhosts.old
> netstat -pan | grep 160.45.32.[0-9]*:80| awk '{print $5}' | awk -F:  
> '{print $1}' |  sort | uniq -c | sort -n \
>  | grep '^ *[2-9][0-9][0-9]* ' | awk '{print $2}' >> /etc/blockedhosts
> sort -nu < /etc/blockedhosts | grep -vf /etc/whitelist > /etc/ 
> blockedhosts.new
> mv -f /etc/blockedhosts.new /etc/blockedhosts
> /etc/rc.local
> #diff -ud /etc/blockedhosts.old /etc/blockedhosts
> sleep 30

The connection count grep looks a bit funny to me. I tested it here  
on a heavily loaded web server at work and couldn't get good results.  
A small change to use awk instead of grep seems to work better. Here  
is the line I used to find IPs with a connection count greater than  
20 to port 80:

netstat -nap | grep ${MYIP} | awk '{print $5}' | awk -F: '{print  
$1}'  | sort | uniq -c | sort -n \
| awk '{if ($1 > 20) print $2}' >> /etc/blockedhosts;

In the above line a list like:


Only will match " awk '{if ($1 > 20) print $2}' ". Can  
you try this modification and unblock my ip? :)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: yum.atrpms.log
Type: application/octet-stream
Size: 3812 bytes
Desc: not available
Url : http://mythtv.org/pipermail/mythtv-users/attachments/20050614/73a8a32d/yum.atrpms.obj
-------------- next part --------------

Scott <catfather at donpoo.net>
AIM: BlueCame1

More information about the mythtv-users mailing list