Site Navigation

Date:      Thu, 1 Sep 2016 18:01:18 -0400
From:      Jon Radel <jon@radel.com>
To:        Mike Clarke <jmc-freebsd2@milibyte.co.uk>, freebsd-questions@freebsd.org
Subject:   Re: Odd happening with Firefox
Message-ID:  <9fe4e591-fac5-0c36-9068-1b13836f3cf2@radel.com>
In-Reply-To: <2103124.j7lFlvS1qe@curlew.lan>
References:  <5755143.UTDEeNj0Ik@curlew.lan> <71d92515-6330-b1f6-b64c-4a2f62d45415@hiwaay.net> <20160901221257.1ee3143b@moonstudio> <2103124.j7lFlvS1qe@curlew.lan>

---

index | next in thread | previous in thread | raw e-mail

---

[-- Attachment #1 --]
On 9/1/16 4:28 PM, Mike Clarke wrote:
> On Thursday 01 Sep 2016 22:12:57 Ralf Mardorf via freebsd-questions wrote:
>> Did you try
>>
>>   about:config
>>
>>   network.dns.disableIPv6 true
>>
>> ?
> 
> Thanks for the suggestion. I've just tried it now but still no joy.
> 

Unless there is different domain data floating around that's fed to
different resolvers, there's no ipv6 data in sight for any of the
related names.

If I understand the scenario, after all the redirects and CNAME data is
waded through, you're talking to (or having it refuse to talk to you):

cmbr.ent.sirsidynix.net.uk. 3600 IN	CNAME	gefion.sirsidynix.net.uk.

gefion.sirsidynix.net.uk. 3600	IN	A	206.187.52.169


which has a single A record.

In any case, I can get the final server to do something similar if I use
wget:

$ wget -v http://www.cumbria-libraries.org.uk/
--2016-09-01 21:48:41--  http://www.cumbria-libraries.org.uk/
Resolving www.cumbria-libraries.org.uk (www.cumbria-libraries.org.uk)...
185.26.230.131
Connecting to www.cumbria-libraries.org.uk
(www.cumbria-libraries.org.uk)|185.26.230.131|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: http://cmbr.ent.sirsidynix.net.uk/client/en_GB/default/
[following]
--2016-09-01 21:48:41--
http://cmbr.ent.sirsidynix.net.uk/client/en_GB/default/
Resolving cmbr.ent.sirsidynix.net.uk (cmbr.ent.sirsidynix.net.uk)...
206.187.52.169
Connecting to cmbr.ent.sirsidynix.net.uk
(cmbr.ent.sirsidynix.net.uk)|206.187.52.169|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2016-09-01 21:48:41 ERROR 403: Forbidden.

$

even though, as you point out, fetch does work:

$ fetch -vvv http://www.cumbria-libraries.org.uk/
scheme:   [http]
user:     []
password: []
host:     [www.cumbria-libraries.org.uk]
port:     [0]
document: [/]
---> www.cumbria-libraries.org.uk:80
looking up www.cumbria-libraries.org.uk
connecting to www.cumbria-libraries.org.uk:80
requesting http://www.cumbria-libraries.org.uk/
>>> GET / HTTP/1.1
>>> Host: www.cumbria-libraries.org.uk
>>> Accept: */*
>>> User-Agent: fetch libfetch/2.0
>>> Connection: close
>>>
<<< HTTP/1.1 301 Moved Permanently
<<< Date: Thu, 01 Sep 2016 21:52:55 GMT
<<< Server: Apache/2.2.22 (Debian) proxy_html/3.0.1 mod_perl/2.0.7
Perl/v5.14.2
<<< Location: http://cmbr.ent.sirsidynix.net.uk/client/en_GB/default/
<<< Vary: Accept-Encoding
301 redirect to http://cmbr.ent.sirsidynix.net.uk/client/en_GB/default/
scheme:   [http]
user:     []
password: []
host:     [cmbr.ent.sirsidynix.net.uk]
port:     [0]
document: [/client/en_GB/default/]
<<< Content-Length: 402
<<< Connection: close
content length: [402]
<<< Content-Type: text/html; charset=iso-8859-1
<<<
---> cmbr.ent.sirsidynix.net.uk:80
looking up cmbr.ent.sirsidynix.net.uk
connecting to cmbr.ent.sirsidynix.net.uk:80
requesting http://cmbr.ent.sirsidynix.net.uk/client/en_GB/default/
>>> GET /client/en_GB/default/ HTTP/1.1
>>> Host: cmbr.ent.sirsidynix.net.uk
>>> Accept: */*
>>> User-Agent: fetch libfetch/2.0
>>> Connection: close
>>>
<<< HTTP/1.1 200 OK
<<< Date: Thu, 01 Sep 2016 21:52:55 GMT
<<< Server: Apache
<<< Set-Cookie:
JSESSIONID=0E205461CDB21D013C629D8B130F0652.enterprise-19400; Path=/client
<<< Content-Type: text/html;charset=UTF-8
<<< Connection: close
<<< Transfer-Encoding: chunked
<<<
offset 0, length -1, size -1, clength -1
fetch: http://www.cumbria-libraries.org.uk/: size of remote file is not
known
local size / mtime: 18572 / 1472766741
fetch.out                                                0  B    0
Bps<<< 1ff8
http_new_chunk(): new chunk: 8184 (8184)
<<< 1ff8
http_new_chunk(): new chunk: 8184 (16368)
<<< 89c
http_new_chunk(): new chunk: 2204 (18572)
<<< 0
http_new_chunk(): end of last chunk
fetch.out                                               18 kB   72 kBps
00m00s
$

So I can confirm that the final server is looking at....something.....

If you can engage their attention, the folks who run the server should
be able to find something in the logs.  As an alternative, you could use
tcpdump to look at the actual data and see if you can spot anything odd
that Firefox is sending.

-- 
--Jon Radel
jon@radel.com


[-- Attachment #2 --]
0�	*�H��

��0�

10
	`�H
e
0�	*�H��


��
�0��0���
�#��S��anzTgk!0
	*�H��


0o10	USE10U
AddTrust AB1&0$UAddTrust External TTP Network1"0 UAddTrust External CA Root0
141222000000Z
200530104838Z0��10	UGB10UGreater Manchester10USalford10U
COMODO CA Limited1A0?U8COMODO SHA-256 Client Authentication and Secure Email CA0�
"0
	*�H��



�
0�

�

��
�zSNpR�V�&��I���Q���ZI���`�zQB�y��"�aN��v#
�J�	�n�=ٺ�����.CRC|�2PȦOZ��ϓ%�{��0d��V��*$3��D�i��FK�3��@�����@���:�*S��= a<U��Nv%!)��|qvO��_���T���{5R���"=,0-1Y�R7�3i-C��֥�wgQ���'뼥8v���8�ߌ��I���s�:2���:=F:WtaP��@?��⟢!

��
0�
0U#0����z4�&���&T���$�T0U�ak�ᢠ�O�g�£�����0U

�
�0U

�0

�
0U%0+
+
0U 
00U 0DU=0;09�7�5�3http://crl.usertrust.com/AddTrustExternalCARoot.crl05+


)0'0%+
0
�http://ocsp.usertrust.com0
	*�H��


�

*n�U�:������U�ka+�	#��fjo����w^a�}�������[jr
A���X�&���M������X�"c�R��6�}X�ޫ;c���s����{���B#�ʶ�M>�K��-�ػBK�i�ۦ74�{�
���:ǟO�4n�e�������6����d)5�ֱ�q�C��>��2S�v�ʆ4�,��Jؙ
��␒�ZBj#!�e��ջ~ꌅ b��:,Yř3�8���zy�J&�|���0��0��
sT�<}k��
`i
��
0
	*�H��


0��10	UGB10UGreater Manchester10USalford10U
COMODO CA Limited1A0?U8COMODO SHA-256 Client Authentication and Secure Email CA0
150330000000Z
180329235959Z0��10	UUS10U2215010	UVA10USpringfield10U	6917 Ridgeway Dr.10U
Jon T. Radel1200U)Issued through Jon T. Radel E-PKI Manager10UCorporate Secure Email10U	Jon Radel10	*�H��

	

jon@radel.com0�
"0
	*�H��



�
0�

�

��a�Щ������@@g3eGރ�͛�;	�d�#��>�q7&Hf�
:��3�v�L"��jV#�Xݷ�>U��-�H[$�S�Uڻ�{�Ϝ�,���z¶���I���chO��=rcy��r����n�v.V��h�7��k;���%u�e�Y��uӬ��󯅅���n�z����6!| !�A�ȡ�+�,�����u�+ 
�CA�պF-��u�n�#�vj���UJ��W�nk%�j]�
2�JP�kl��

��
�0�
�0U#0��ak�ᢠ�O�g�£�����0U��
�E�|G�Dp��/�ʚB�0U

��0U

�00U%0+
+
0FU ?0=0;+

�1

0+0)+

https://secure.comodo.net/CPS0]UV0T0R�P�N�Lhttp://crl.comodoca.com/COMODOSHA256ClientAuthenticationandSecureEmailCA.crl0��+


��0��0X+
0�Lhttp://crt.comodoca.com/COMODOSHA256ClientAuthenticationandSecureEmailCA.crt0$+
0
�http://ocsp.comodoca.com0U0�
jon@radel.com0
	*�H��


�

KS��`?���H���_D`�8G߿VbĘ��<��t�B-Ӈї|��{'��Ũ�ݹg0Gp�$��������������%F(;*��M��O*g����t�$@�����t6���,�?0���|�#�ă�z�,�&!{j�2i��[%�b�7ߪ�P+�9G�㲍["y<?���8rZ'��[U���R6%����L̤
��w"�=:L����~�Ƨ^��jf���3�6� ��OP��1�•.}(��e�1�A0�=

0��0��10	UGB10UGreater Manchester10USalford10U
COMODO CA Limited1A0?U8COMODO SHA-256 Client Authentication and Secure Email CAsT�<}k��
`i
��
0
	`�H
e
��a0	*�H��

	1	*�H��


0	*�H��

	1
160901220118Z0/	*�H��

	1" %Y��r<]��X�G--���'Q�
㢦�B��0l	*�H��

	1_0]0	`�H
e
*0	`�H
e
0
*�H��
0*�H��
�0
*�H��

@0+0
*�H��

(0��	+

�71��0��0��10	UGB10UGreater Manchester10USalford10U
COMODO CA Limited1A0?U8COMODO SHA-256 Client Authentication and Secure Email CAsT�<}k��
`i
��
0��*�H��

	1�����0��10	UGB10UGreater Manchester10USalford10U
COMODO CA Limited1A0?U8COMODO SHA-256 Client Authentication and Secure Email CAsT�<}k��
`i
��
0
	*�H��



�
80����-�:���e�*��C���%�
���J��2J��͙b�$���ēZ(ө.=zc)��*W��Sh���X�
������;�35�
kl�<ӍF*xc�0�����(2�T���	/״I�m�;~��
��swa��	R
.Lʸ�����ryZDW�r���#��q(T�0�tw谝��/��WzjԻ��8��><GĢ�A'0�۷u��@'���+L�042{�����ޕ��7@���

home | help

---

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9fe4e591-fac5-0c36-9068-1b13836f3cf2>

Legal Notices | © 1995-2026 The FreeBSD Project. All rights reserved.

Contact