Second build sold out. Message will appear here when store is ready for third build ordering.

Problem connecting to listen online [ip blacklist issue fixed in v1.539]

edited June 2022 in Problems Now Fixed

Hi all, I had been using Kiwi online to listen to a ham station in Ottawa using my previous internet provider with no issues, now I have a new provider, using the same router, and I haven't been able to connect.


Any thoughts?

«1

Comments

  • jksjks
    edited June 2022

    Do you mean a Kiwi you own or a someone else's Kiwi on the Internet? (it wasn't quite clear to me)

    If it's your own, do you mean you can connect from your local network but can't connect from the Internet (i.e. outside your local network) using the new provider?

    Also, we're having some problems with the proxy at the moment. So there might be a few seconds or maybe a minute of downtime if the Kiwi you're accessing is on the proxy service.

  • I mean someone else's Kiwi.

  • Can you get to any of the Kiwis shown on rx.kiwisdr.com?

    What does your browser say when the connection fails? That the host is not responding or that it couldn't resolve the hostname? And lastly, is the Kiwi in question on the proxy service, i.e. is its hostname of the form xxx.proxy.kiwisdr.com:8073 ?

  • I can't remember exactly what it says, and I'm not at home right now, but the site I'm trying to reach is http://ve3hoa.ddns.net:8074/

  • Okay, so not on the proxy. I was able to get there without problems. When you get home please let us know some more detail.

    You're in CA, so this probably doesn't apply. But I'll mention it anyway: http://forum.kiwisdr.com/discussion/comment/9770/#Comment_9770

  • I'll be home tomorrow evening, I'll check and report my findings.

    Thanks

  • This is what appears after quite a long wait.


  • Okay. Can you get to any other Kiwis listed on rx.kiwisdr.com?

  • No, I can't open any other sites either?

  • jksjks
    edited June 2022

    Can you connect to http://websdr.ewi.utwente.nl:8901/ ?

    What about just the generic http://kiwisdr.com ?

    If you use an ad blocker (e.g. uBlock Origin) try disabling it temporarily and see if that helps.

  • I'd start by restarting that phone.

    "I can't open any other sites either?" sounds like a data routing, mobile network or data limit issue.

    Restart the phone (not just lock/unlock) and try a big name news site in your area.

    Then once that works (assuming it does) go to http://rx.kiwisdr.com and try a couple of random SDR's


    If you have been traveling, mobiles will often not successfully register onto the right data network locally, until after a restart.

  • Since you originally mentioned router and new Internet provider I assume this is a phone connecting through wifi to a home network rather than the cell network, correct?

  • I wonder if the new connection details for the new service have been entered correctly or if they are using a service like TR-069 and have even remotely changed the WIFI.

    TBH I saw the form factor and assumed it would default to mobile data.

  • I can get to http://websdr.ewi.utwente.nl:8901/

    But not the generic KiwiSDR site, I am using my phone on wifi, if I go to my data plan, it works fine, I also use a desktop PC running Linux, and it can't connect to KiwiSDR over wifi either.


    Thanks

  • OK so for you to have changed from provider 1 to provider 2 who made the required changes to your router?

    Things like ISP service to connect to, and credentials to validate as a paying user on the service?

    If I changed here, I would need to enter those details as I use manual setup.

    When the new service took your order did they offer a free router or did they say they could take over the management of your existing hardware remotely (fairly unusual in my part of the world).

    Some domestic services offer remote administration but the hardware would have to be compatible and the remote access enabled, not secured to "provider 1".

    This sounds like a network issue separate to the Kiwi but we are short on information and some you may not want to post publicly.

    Does everything else work on the Linux box over Wifi? I.E. normal web browsing, videos on YouTube or similar?

  • jksjks
    edited June 2022

    Given you can't get to kiwisdr.com using your new ISP I would say you're being allocated a public ip address in a blacklisted ip range that is ignored by kiwisdr.com But that doesn't explain why you can't get to the original Kiwi site which is not using the proxy service (hosted on kiwisdr.com). So I am at a loss to explain any of this..

    While using wifi could you visit the site icanhazip.com and email the result to support@kiwisdr.com please? I want to double check the status of your public ip.

  • edited June 2022

    I emailed the result as a screenshot.

    Just an IP address.

  • I did the switch over myself, I haven't had any issues with any other sites, it is my own router. If it was an issue with my router configuration, what could it be, or what should I look for in the configuration?


    Thanks

  • Well, this story just keeps getting worse and worse. I have no email from you. Email to kiwisdr.com does not go through kiwisdr.com the server. Just the people who manage the domain.

    Try sending me a message here on the forum and just type in the ip. Click on the mail envelope icon at the top left of the screen near your forum id. Then "new message". Then "jks" as the recipient.

  • Got it, thanks.

  • jksjks
    edited June 2022

    I know what the problem is. You're not going to believe it..

    More info soon.

  • jksjks
    edited June 2022

    Well, of course it's the IP blacklist. What else would it be? I don't know why I didn't suspect this sooner.

    You should be able to get to the kiwisdr.com webpage now. For http://ve3hoa.ddns.net:8074/ we're going to need them to reload their blacklist (admin page, "network" tab) since auto-updating the blacklist has not yet been implemented. I guess I'm going to have to fix that now. You won't be able to get to any other Kiwis using the blacklist or who haven't updated.

    This is the problem: Way back when we first started accumulating blacklist entries we just sort of accepted contributions without screening them. One of the first ranges suggested was 173.255.0.0/16 (0.0 - 255.255). But this is too broad. The hosting provider "1U Web", the likely source of bad behavior, uses 173.255.0.0/20 (0.0 - 15.255) and your ISP (Nortel) happens to use 173.255.16.0/20 (16.0 - 31.255) which unfortunately falls within the /16 range. So yeah, no bueno.

    The blacklist is used by Kiwis as well as kiwisdr.com to protect proxied Kiwis.

  • Awesome, the other regular one that I like to use is http://sdr.w1eqx.com:8073/


    Same situation.


    Thanks for all your help...

  • Just out of curiosity, is this issue something that will be addressed/corrected at some point?


    Thanks...

    VE3TCY

  • It is quite possibly me that caused this issue for you and John, sorry about that.

    While trying to protect a work service from constant attack I blocked certain address ranges and then, when the same range of IP addresses were seen to be the source of problems for Kiwi, carried that forward without proper validation.

    I am somewhat surprised it has not been picked up before, but unless the administrator removes the wide block manually, John has to create a mechanism for that in the update process. I got from his comment he intended to.

    In the meantime if it is possible to contact the SDR owner I'll see if I can request the block removal and link to this thread.

    Stu

  • edited June 2022

    Regarding http://sdr.w1eqx.com:8073/

    w1eqx.com has expired

    That specific case is not the Kiwi firewall.

  • jksjks
    edited June 2022

    Just out of curiosity, is this issue something that will be addressed/corrected at some point?

    Yes, I have a fix almost ready. It will go out as part of the v1.539 update. Probably a few more days.

    Assuming the Kiwis you are interested in have automatic software updates enabled the problem should be fixed for them.

  • Wow, awesome, now I won't have to use my mobile data...lol


    Thanks again...

    VE3TCY

Sign In or Register to comment.