Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 24 Jul 2012 23:05:38 -0600
From:      Jason Mattax <jmattax@storytotell.org>
To:        Daniel Hartmeier <daniel@benzedrine.cx>
Cc:        freebsd-pf@freebsd.org
Subject:   Re: PF suddenly malfunctioned
Message-ID:  <500F7EA2.6050707@storytotell.org>
In-Reply-To: <20120724171225.GA27107@insomnia.benzedrine.cx>
References:  <effb611b289f2b14d345c1cd63c9828a.squirrel@mail.clanspum.net> <20120723100521.GC32530@insomnia.benzedrine.cx> <500E1202.20108@storytotell.org> <20120724070700.GF32530@insomnia.benzedrine.cx> <500EB432.6050803@storytotell.org> <20120724171225.GA27107@insomnia.benzedrine.cx>
next in thread | previous in thread | raw e-mail | index | archive | help 


On 07/24/2012 11:12 AM, Daniel Hartmeier wrote:
> On Tue, Jul 24, 2012 at 08:41:54AM -0600, Jason Mattax wrote:
> If the upstream router does HTTP inspection, it might be buggy (since
> the thunderstorm? :) and react to different HTTP headers. Or it might
> run an (broken) antivirus patterns on the HTTP result? Can you disable
> any layer 7 inspection?


> I'd tcpdump with -s 1600 -X to capture a working links connection. Then
> extract the exact HTTP GET request from the hex dump. Then try to send
> that with printf | nc. That should work equally well. If so, remove
> headers until you hit the bug again.
>
> Or just replace the upstream device (router, ISP modem?) and see if it
> goes away.
>

I was going to go through these in order, but decided I could do some of 
the faster items first. As it turns out I had a "spare" DSL modem around 
because Qwest told me that it would work the the new faster internet I 
purchasing from them, plugged that in and it seems to work fine. The 
thing about my network that I forgot was that the DSL modem is not 
protected from lightning by a UPS on the phone line, and unfortunately 
it can't be (protecting it causes it to lose all DSL signal because of 
the crappy phone lines in my house.) The phone line comes from the wall 
strait to the DSL modem, then the ethernet comes from the DSL modem to 
my UPS to protect the rest of the network.

Sorry for the long and complicated thread when there wasn't actually an 
issue with the PF filter. Also, thank you all for donating your time to 
help resolve this issue.

-- 
Jason Mattax

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?500F7EA2.6050707>