Sujet : Re: News./Tcpreset./Net Open for peering
De : deletethis (at) *nospam* invalid.lan (noel)
Groupes : news.admin.peeringDate : 07. Apr 2025, 14:02:56
Autres entêtes
Organisation : Ausics - https://newsgroups.ausics.net
Message-ID : <67f3cd00$1@news.ausics.net>
References : 1 2 3 4 5 6 7
User-Agent : Pan/0.141 (Tarzan's Death; 168b179 git.gnome.org/pan2)
also did you check hetzner, I'm told if you checked enable ipv6 filter,
nothing gets through unless you allow it on their cloud
On Mon, 7 Apr 2025, noel wrote:
unless I missed it, I don't recall Gabx confirming above nmap output on
their side of the great firewall. Also don't recall seeing the latest
netstat after they said they fixed it not listening.
>
I also see tcpreset domain has LE errors - check web redirections,
seems didn't include subdomains on cert generation, but still throws
errors becasue of next point.
>
DNSSEC conflict, must have upgraded old SHA1 key with 13/2, but not
removed the sha1 key (in most cases since do have a good 13/2 as well,
the sha1 might be ignored, but pedantic test scripts (like one we use
will issue a fail status), as will some services, saying the cert is
not trusted. https://zonecheck.org/zonemaster might be of use
>
What ports are supposed to be open on ipv6 ?
I only see imap and imaps on ipv6 but you have on ipv4 some 9 services.
if you can shell to that machine lynx https://zonecheck.org (it will
show you your IP, if it gives you an IPv6 display, select port scanner
and run the basic tcp check
>
I also not sure why you are using inn 2.6.2, thats some 4 years old now
with 2.7.2 current and 2.8 weeks from release IIRC.
News./Tcpreset./Net Open for peering
Re: News./Tcpreset./Net Open for peering