Whois on my server's ip address not working

[SamSpade]

I am running latest CSF on Centos 7.3 with latest CPanel release 66. CSF is configured as per profile protection_high.

The following instructions were done on my server's CLI.

whois my-hostname ---> works perfect
whois my-server-ip ----> time out error

but

whois 8.8.8.8 ---> works perfect :-?

After verifying that my provider did not block anything related to port 43 or whois, I deactivated CSF and LSF temporarily (csf -x) et voilà whois on my ip address even works perfect. Switching CSF on again (csf -e) whois on my server address again results in time out error.

The question is where to look in the CSF configuration? :-/

Do you have any ideas?

PS IPv6 ist blacklisted and disabled. Port 43 is already whitelisted in TCP_OUT.

Edit: Switching to protection_medium --> same problem, switching to default profile ---> works

[SamSpade]

Did a clean install of Centos 7.3 and CSF 10.22 in Virtualbox. With CSF deactivated or CSF activated with profile reset_to_defaults the whois command operates as expected. After applying profile protection_high, medium or low the whois server is unreachable.

That applies only for querying IP addresses. Queries of domain names work fine.

Any ideas on how to solve that?

Edit: The first log entries regarding whois time outs showed up on July 12, 2017.

[sawbuck]

Probably where I'd start is a file compare with the reset_to_defaults.conf and protection_low.conf files in /usr/local/csf/profiles

[SamSpade]

Problem solved: The ip adress of whois.ripe.net belongs to The Netherlands and unfortunately NL was listed as a TLD in the CC_DENY field. Removed that and everything works as a charme again ;-) I always thought ripe.net would be located in the US ;-/