Implicit mac filtering on frequently requests?

July 18, 2018 194 views
Networking Ubuntu

Hi Guys.
I've an arduino that pings a HTTP request every 240 seconds on my droplet with the same IP / Mac address.
I've noticed about that the connection will block and fail after 3/4 days of uptime.
If inside software of my i client I try change the mac address of the arduino everything works again for 3/4 days.
Is there an implicit mac firewall inside the droplet configuration? Can i remove it?
thank you for the advice.

2 Answers

Hello friend!

That is an interesting event. There should be nothing default on our images causing this, the relevant firewall rules should have to be added by the user or software they had installed. I'm sticking with "should" on the off chance that I'm missing a variable. There won't be anything on the network side for that for sure at least. If you have a proxy between you and the droplet, like CloudFlare for example, it might be a reasonable theory that it is getting caught in a web application firewall.

I will say that our Wordpress one-click uses fail2ban to block IPs for failed login attempts to Wordpress, but that's a very specific scenario and it's IP specific rather than mac address.

Perhaps a packet capture on both ends might reveal something, though a bit heavy handed. I'll keep thinking about it throughout the day to see if anything else comes to mind. I'm not expecting anything to, but you never know.

Kind Regards,
Jarland

Hi. I don't pass any firewall from my lan to the droplet. Meanwhile i can't reach my droplet from the arduino google.com works properly with the same mac address. This is annoying.
I don't modify any chain of iptables, i'm using ubuntu server on the droplet.
To fix the problem i've randomize the mac address with 10 similar address.
This now works for me but it isn't a "perfect" solution.

Have another answer? Share your knowledge.