--- Adrian Chadd <adrian@creative.net.au> escribió:
> On Tue, Jan 23, 2007, Juan Pablo Calomino wrote:
>
> > I have disabled all inspection on headers and it
> > still
> > rejects it, because by default, my FW won't
> accept
> > any packets that do not follow RFC's.
> >
> > What is Squid doing to HTTPS connections?
>
> Only you can answer this - you'll have to take a
> packet dump of the
> HTTPS session so that someone has at least a shot at
> answering.
>
> What firewall, btw? I remember the "strict TCP"
> checking in the Lucent
> Brick firewall would drop a lot of arbitrary traffic
> without any
> actual pattern.. none of us could figure out why but
> it was definitely
> a known issue.
>
>
>
> Adrian
>
>
Hello, my firewall is a Checkpoint NGX Cluster.
Here's some TCPDUMP output when I try to browse
"https://www.bankboston.com.ar".
"INTERNET" is my Server's public address.
12:07:13.498922 O INTERNET.38160 > 32.104.16.39.443: S
3652661251:3652661251(0) win 5840 <mss
1460,sackOK,timestamp 3904803211[|tcp]> (DF)
4500 003c a188 4000 3f06 015c
c83b a00d
2068 1027 9510 01bb d9b7 3003
0000 0000
a002 16d0 7d8c 0000 0204 05b4
0402 080a
e8be 918b 0000
12:07:13.509412 I 32.104.16.39.443 > INTERNET.38160: S
2669393515:2669393515(0) ack 3652661252 win 17520 <mss
1460,nop,wscale 0,nop,nop,timestamp[|tcp]> (DF)
4500 0040 92a6 4000 7806 d739
2068 1027
c83b a00d 01bb 9510 9f1b b66b
d9b7 3004
b012 4470 629a 0000 0204 05b4
0103 0300
0101 080a 0000
12:07:13.509833 O INTERNET.38160 > 32.104.16.39.443: .
ack 1 win 1460 <nop,nop,timestamp 3904803223 0> (DF)
4500 0034 a18a 4000 3f06 0162
c83b a00d
2068 1027 9510 01bb d9b7 3004
9f1b b66c
8010 05b4 67cb 0000 0101 080a
e8be 9197
0000 0000
12:08:43.895453 O INTERNET.38160 > 32.104.16.39.443: F
1:1(0) ack 1 win 1460 <nop,nop,timestamp 3904893621 0>
(DF)
4500 0034 a18c 4000 3f06 0160
c83b a00d
2068 1027 9510 01bb d9b7 3004
9f1b b66c
8011 05b4 06ab 0000 0101 080a
e8bf f2b5
0000 0000
12:08:43.937731 I 32.104.16.39.443 > INTERNET.38160: .
ack 2 win 17520 <nop,nop,timestamp 14979930
3904893621> (DF)
4500 0034 d822 4000 7806 91c9
2068 1027
c83b a00d 01bb 9510 9f1b b66c
d9b7 3005
8010 4470 33b0 0000 0101 080a
00e4 935a
e8bf f2b5
12:08:43.937986 I 32.104.16.39.443 > INTERNET.38160: F
1:1(0) ack 2 win 17520 <nop,nop,timestamp 14979930
3904893621> (DF)
4500 0034 d823 4000 7806 91c8
2068 1027
c83b a00d 01bb 9510 9f1b b66c
d9b7 3005
8011 4470 33af 0000 0101 080a
00e4 935a
e8bf f2b5
12:08:43.938302 O INTERNET.38160 > 32.104.16.39.443: .
ack 2 win 1460 <nop,nop,timestamp 3904893664 14979930>
(DF)
4500 0034 e6aa 4000 3f06 bc41
c83b a00d
2068 1027 9510 01bb d9b7 3005
9f1b b66d
8010 05b4 7240 0000 0101 080a
e8bf f2e0
00e4 935a
12:08:44.788781 O INTERNET.38338 > 32.104.16.39.443: S
3740349231:3740349231(0) win 5840 <mss
1460,sackOK,timestamp 3904894514[|tcp]> (DF)
4500 003c c51d 4000 3f06 ddc6
c83b a00d
2068 1027 95c2 01bb def1 332f
0000 0000
a002 16d0 0fcc 0000 0204 05b4
0402 080a
e8bf f632 0000
12:08:44.799171 I 32.104.16.39.443 > INTERNET.38338: S
1904495849:1904495849(0) ack 3740349232 win 17520 <mss
1460,nop,wscale 0,nop,nop,timestamp[|tcp]> (DF)
4500 0040 d976 4000 7806 9069
2068 1027
c83b a00d 01bb 95c2 7184 4ce9
def1 3330
b012 4470 f09b 0000 0204 05b4
0103 0300
0101 080a 0000
12:08:44.800216 O INTERNET.38338 > 32.104.16.39.443: .
ack 1 win 1460 <nop,nop,timestamp 3904894525 0> (DF)
4500 0034 c51f 4000 3f06 ddcc
c83b a00d
2068 1027 95c2 01bb def1 3330
7184 4cea
8010 05b4 9125 0000 0101 080a
e8bf f63d
0000 0000
12:10:14.872004 O INTERNET.38338 > 32.104.16.39.443: F
1:1(0) ack 1 win 1460 <nop,nop,timestamp 3904984610 0>
(DF)
4500 0034 c521 4000 3f06 ddca
c83b a00d
2068 1027 95c2 01bb def1 3330
7184 4cea
8011 05b4 313e 0000 0101 080a
e8c1 5622
0000 0000
12:10:14.935534 I 32.104.16.39.443 > INTERNET.38338: .
ack 2 win 17520 <nop,nop,timestamp 14980840
3904984610> (DF)
4500 0034 2c09 4000 7806 3de3
2068 1027
c83b a00d 01bb 95c2 7184 4cea
def1 3331
8010 4470 5ab5 0000 0101 080a
00e4 96e8
e8c1 5622
12:10:14.935784 I 32.104.16.39.443 > INTERNET.38338: F
1:1(0) ack 2 win 17520 <nop,nop,timestamp 14980840
3904984610> (DF)
4500 0034 2c0a 4000 7806 3de2
2068 1027
c83b a00d 01bb 95c2 7184 4cea
def1 3331
8011 4470 5ab4 0000 0101 080a
00e4 96e8
e8c1 5622
12:10:14.936397 O INTERNET.38338 > 32.104.16.39.443: .
ack 2 win 1460 <nop,nop,timestamp 3904984675 14980840>
(DF)
4500 0034 e6c3 4000 3f06 bc28
c83b a00d
2068 1027 95c2 01bb def1 3331
7184 4ceb
8010 05b4 992f 0000 0101 080a
e8c1 5663
00e4 96e8
Thank you very much.
Juan Pablo.
__________________________________________________
Preguntá. Respondé. Descubrí.
Todo lo que querías saber, y lo que ni imaginabas,
está en Yahoo! Respuestas (Beta).
¡Probalo ya!
http://www.yahoo.com.ar/respuestas
Received on Tue Jan 23 2007 - 09:34:37 MST
This archive was generated by hypermail pre-2.1.9 : Thu Feb 01 2007 - 12:00:01 MST