Telegram not connecting.

Waqar.UK · Nov 9, 2020, 7:31 AM

Hello BMeeks,

thanks for all your hard work.
I had Telegram working a few days ago, then this started to happen.
I have not added anything apart from:
Service_Watchdog sysutils

Update: I got it working again. I must have denied GeoIP to the British Virgin Islands where Telegram IP address blocks are based.

Gertjan · Nov 9, 2020, 10:35 AM

Remove this :

@Waqar-UK said in Telegram not connecting.:

Service_Watchdog

The package is for developers that like to "dev in death" mode.

The setup of services that stop should be corrected.

Waqar.UK · Nov 9, 2020, 11:18 AM

OK. I have removed this package.

bmeeks · Nov 9, 2020, 1:24 PM

@Waqar-UK said in Telegram not connecting.:

Update: I got it working again. I must have denied GeoIP to the British Virgin Islands where Telegram IP address blocks are based.

Expect things like that to continue to happen to you when you use huge lists of IPs that you block. Whether GeoIP or simple IP lists, all of them have issues with accuracy. Since the IPv4 address space is now fully utilized and empty blocks are non-existent, there is a lot of buying and selling among IPv4 address block holders. This back and forth swapping of IPv4 space around the world makes some of the GeoIP lists of dubious accuracy. At the very least they have a hard time staying "current".

With huge lists of IPs that someone says "block", how do you know they are really bad? Heck, not very long ago some idiot (or idiot automated system) added the Google DNS servers to a popular IP list that some folks used in pfBlocker. That resulted in blocks of Google DNS!

So my point is that if you do things with GeoIP blocking and/or use other lists of "bad" IPs that you block, expect fairly frequent issues of stuff suddenly not working. If it was working yesterday, and today it's not, then the first place you need to look is at the alerts/blocks generated by all of your blocking packages. So that would be Snort/Suricata/pfBlockerNG/DNSBL.

Waqar.UK · Nov 9, 2020, 2:07 PM

So true. I just hope that this is sorted out. Since Telegram is a very popular package.

bmeeks · Nov 9, 2020, 9:04 PM

@Waqar-UK said in Telegram not connecting.:

So true. I just hope that this is sorted out. Since Telegram is a very popular package.

Sorting it out may require abandoning the use of so-called "malicious IP" lists. In your case, it does not seem that Telegram was the actual problem. The problem was a GeoIP block you put in place using a list. Without that block, I suspect Telegram would work just fine.

GeoIP blocking is fine in theory but can be burdensome in practice. Mostly because of two reasons. The first is the use of world-wide CDNs (content delivery networks) that have servers spread all over the globe in different countries. You never know with certainty which of the servers you will get referred to. The second reason is the aforementioned swapping around of IP address space between owners around the world. An IP block that formerly was used in the US might this week now be used in Southeast Asia, for example. It may take the GeoIP list vendors a long time to get that update (if they ever do).

Waqar.UK · Nov 9, 2020, 5:07 PM

True,

then I have to keep an eye on what IP is being blocked. As GeoIP has to be monitored why certain programs are not able to connect to their servers / services.

Thanks.

john24634 · Feb 25, 2023, 1:35 AM

@waqar-uk

I was able to fix it by adding to the pass list on SNORT:
149.154.175.53
149.154.175.50

john24634 · Feb 25, 2023, 2:55 AM

@john24634

There is a good explanation here:
https://forum.netgate.com/topic/139724/snort-ignoring-passlist

Waqar.UK · Mar 5, 2023, 5:56 PM

@john24634

sorry for a very late reply.

Thanks.

iTacos · Oct 2, 2023, 2:20 PM

This post is deleted!