usually when we deal with problems its because something is not setup properly and alike. But today we noticed something interesting. Users that had peerguardian or similar software installed were unable to connect to the VPN. So we investigated this problem.
Our first stop is peerblock.com. We search for IP block lists and notice this FAQ entry at some point. It informs us that peerblock.com does not maintain the blocking lists but iblocklist.com does. Okay… lets check iblocklist.com then.
Hmm, looking at their list we can see that they are fetching this information from a 3rd party as well. But as any good filter provider they should proof their lists right? Wrong:
Well at least we are able to look at the filter list based on the data we get from iblocklist.com which yields:
$ cat bt_level1 | grep -i ipredator Ipredator VPN/Relakks VPN | ap2p:126.96.36.199-188.8.131.52 IPredator VPN | ap2p:184.108.40.206-220.127.116.11 Detected kad activity on IPredator VPN:18.104.22.168-22.214.171.124 Detected AP2P on Ipredator VPN:126.96.36.199-188.8.131.52 IPredator VPN | ap2p:184.108.40.206-220.127.116.11 IPredator VPN | ap2p:18.104.22.168-22.214.171.124
So we decided to talk to the guys at bluetack.co.uk, who are responsible for this list. After all it does not make any sense that we are flagged as anti P2P. Easier said than done because there is no contact information whatsoever on the bluetack.co.uk website. They have a forum which requires registration… mhm, we are not gonna do that. So we decided to send them an email to their RFC2142 addresses asking for clarification.
If we get a reply we will update you. Other than that there is not much we can do at this point. You can just white list the networks from our ISP which are 126.96.36.199 - 188.8.131.52, 184.108.40.206 - 220.127.116.11 and 18.104.22.168 - 22.214.171.124 to circumvent the block. Other options are to stop using those black lists or register on their forum and nag them about the issue.
This is a perfect example of why IP filter lists suck. They come from somewhere. Nobody is responsible. And they contain false information. We are not sure why our complete network is blocked. Maybe iblocklist.com decided to have a private word with bluetack.co.uk to put us on the list – after all they provide a VPN service now as well… who knows.
The IPredator team