Allow webapps to make outgoing requests
I was experiencing a pretty bad slowdown while trying to use the admin pages of a WordPress site recently. The load on the machine was quite low, so I began to suspect that it was trying to call out to external services (facebook, pinterest, etc) that might have been blocked by CSF (configserver firewall).
I started playing around with tcpdump
and friends and then realized that the information I was looking for (blocked outgoing requests) was already being logged in /var/log/kern.log on our Ubuntu system (same on Debian).
Here’s the little pipeline I used to look up the hostnames of the requests that were blocked:
1 |
grep -F 'TCP_OUT Blocked' /var/log/kern.log | awk '{print $13}' | cut -c 5- | sort -u | while read ip; do echo "$ip"; nslookup $ip | grep name | expand -1; done
|
It could be formatted nicer, but at least it gave me what I wanted. After removing an erroneous firewall entry using csf -dr IP[/CIDR|NETMASK]
, all was snappy once again.