Title: Unable to proxy AIM traffic on green or from openvpn client...
Post by: lightenup on Wednesday 26 August 2009, 03:02:27 am

First off, this past weekend I moved from IPcop to Endian. Endian is really great!

Now for my issue: I am unable to connect with AOL (Pidgin) instant messenger using Endian's proxy (configured in transparent mode). If I configure the Pidgin client to use the Endian proxy on port 8080, it will not connect. If I configure Pidgin to connect directly (no proxy), I am able to do so without issue. There is nothing in the logs that I can find indicating why this connection is being dropped. If I do a tcpdump on the interface closest to the client, I see the three-way handshake complete, but then the Endian firewall sends back a reset packet to the client! >:(

Is anyone else able to connect with AIM using the proxy explicitly? I have tried to connect via the proxy from the green network and from openvpn client connections; neither wants to work. I am able to access web sites via a browser (explicit proxy configuration) from both the green and openvpn connections.

Any help would be appreciated.

Lightenup

Title: Re: Unable to proxy AIM traffic on green or from openvpn client...
Post by: lightenup on Wednesday 26 August 2009, 04:20:13 am

Another odd thing I noticed was that the proxy connection from the client does not seem to make it to the firewall. As you can see, the three-way handshake completes and then the client tries to do the proxy connect in packet 14:16:08.191335:

windump from the client:

C:\>WinDump.exe -nn -i \Device\NPF_{DD9808FE-2283-4750-847F-23648594D9BF} host 10.200.10.1
WinDump.exe: listening on \Device\NPF_{DD9808FE-2283-4750-847F-23648594D9BF}
14:16:08.190494 IP 10.200.10.10.4350 > 10.200.10.1.8080: S 90949042:90949042(0) win 65535 <mss 8960,nop,nop,sackOK>
14:16:08.190788 IP 10.200.10.1.8080 > 10.200.10.10.4350: S 359732416:359732416(0) ack90949043 win 5840 <mss 1460>
14:16:08.190814 IP 10.200.10.10.4350 > 10.200.10.1.8080: . ack 1 win 65535
14:16:08.191335 IP 10.200.10.1.22 > 10.200.10.10.4325: P 3301350550:3301350890(340) ack 744889867 win 8576
14:16:08.192721 IP 10.200.10.10.4350 > 10.200.10.1.8080: P 1:233(232) ack 1 win 65535
14:16:08.193018 IP 10.200.10.1.22 > 10.200.10.10.4325: P 340:472(132) ack 1 win 8576
14:16:08.193043 IP 10.200.10.10.4325 > 10.200.10.1.22: . ack 472 win 64471
14:16:09.691978 IP 10.200.10.10.4325 > 10.200.10.1.22: P 1:53(52) ack 472 win 64471
14:16:09.692304 IP 10.200.10.1.22 > 10.200.10.10.4325: P 472:524(52) ack 53 win 8576
14:16:09.692372 IP 10.200.10.1.22 > 10.200.10.10.4325: P 524:656(132) ack 53 win 8576
14:16:09.692384 IP 10.200.10.10.4325 > 10.200.10.1.22: . ack 656 win 64287
14:16:09.702812 IP 10.200.10.1.22 > 10.200.10.10.4325: P 656:772(116) ack 53 win 8576
14:16:09.888940 IP 10.200.10.10.4325 > 10.200.10.1.22: . ack 772 win 64171

tcpdump from the firewall:

root@endian:~ # tcpdump -nn -i eth0 port 8080
tcpdump: WARNING: eth0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
14:16:08.237276 IP 10.200.10.10.4350 > 10.200.10.1.8080: S 90949042:90949042(0) win 65535 <mss 8960,nop,nop,sackOK>
14:16:08.237376 IP 10.200.10.1.8080 > 10.200.10.10.4350: S 359732416:359732416(0) ack 90949043 win 5840 <mss 1460>
14:16:08.237493 IP 10.200.10.10.4350 > 10.200.10.1.8080: . ack 1 win 65535
14:16:08.239467 IP 10.200.10.1.8080 > 10.200.10.10.4350: R 359732417:359732417(0) win 0

The above captures are for the same connection. Also of note, I am unable to access any port 443 sites when explicitly using the proxy; port 80 works fine. So it seems like there is a general issue with the ports being permitted to access squid with.

Lightenup

Title: Re: Unable to proxy AIM traffic on green or from openvpn client...
Post by: lightenup on Wednesday 26 August 2009, 07:10:32 am

Ok, I just got home from work and fired up my laptop (connects off of the blue interface) and found that I can connect to port 443 sites via the proxy and connect via AIM as well. Time for some more investigation work...

Title: Re: Unable to proxy AIM traffic on green or from openvpn client...
Post by: lightenup on Wednesday 26 August 2009, 08:57:13 am

Well, I reloaded from the CD and configured just a red and green interface. Enabled transparent proxy on green and it still does not work. In my browser, if I explicitly define the proxy server, I am unable to connect to any site on port 443/https. If I remove the explicit proxy setting, I am able to browse SSL-enabled sites ???

Title: Re: Unable to proxy AIM traffic on green or from openvpn client...
Post by: lightenup on Friday 28 August 2009, 11:53:01 am

So I changed the proxy port to 800, restarted the proxy via '/etc/init.d/squid restart' and now it works without a problem. ;D
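
Added example, not part of the thread: a small Python script that compares the two port-8080 captures from the second post, listing which segments one capture point saw and the other did not, and checking whether the listener reset the flow right after the handshake. The function names are hypothetical, the capture lines are copied from the post, and the regex assumes the old-style tcpdump/WinDump line format shown there.

```python
import re

# Old-style tcpdump/WinDump line: "time IP src.port > dst.port: flags [seq:end(len)] ..."
LINE = re.compile(r"[\d:.]+ IP ([\d.]+\.\d+) > ([\d.]+\.\d+): ([SFPR.]+)(?: (\d+):\d+\((\d+)\))?")

def parse(capture, port):
    """Return (src, dst, flags, seq, length) for every segment touching TCP `port`."""
    return [(s, d, f, seq, int(n or 0)) for s, d, f, seq, n in LINE.findall(capture)
            if port in (s.rsplit(".", 1)[1], d.rsplit(".", 1)[1])]

def missing_at(observer, reference):
    """Segments present in `reference` but absent from `observer` (timestamps ignored)."""
    return [seg for seg in reference if seg not in observer]

def reset_after_handshake(segs, port):
    """Describe the first RST sent by the listener on `port`, or None if there is none."""
    state, sent = "start", 0
    for src, _dst, flags, _seq, length in segs:
        from_listener = src.endswith("." + port)
        if "R" in flags and from_listener:
            return {"handshake_done": state == "established",
                    "client_payload_bytes_before_rst": sent}
        if "S" in flags and not from_listener:
            state = "syn"
        elif "S" in flags and state == "syn":
            state = "synack"
        elif flags == "." and not from_listener and state == "synack":
            state = "established"
        if not from_listener:
            sent += length  # payload bytes the client pushed so far
    return None

# Capture lines copied from the post (client side, including one unrelated SSH line).
CLIENT = """\
14:16:08.190494 IP 10.200.10.10.4350 > 10.200.10.1.8080: S 90949042:90949042(0) win 65535 <mss 8960,nop,nop,sackOK>
14:16:08.190788 IP 10.200.10.1.8080 > 10.200.10.10.4350: S 359732416:359732416(0) ack90949043 win 5840 <mss 1460>
14:16:08.190814 IP 10.200.10.10.4350 > 10.200.10.1.8080: . ack 1 win 65535
14:16:08.191335 IP 10.200.10.1.22 > 10.200.10.10.4325: P 3301350550:3301350890(340) ack 744889867 win 8576
14:16:08.192721 IP 10.200.10.10.4350 > 10.200.10.1.8080: P 1:233(232) ack 1 win 65535
"""
# Capture lines copied from the post (firewall side).
FIREWALL = """\
14:16:08.237276 IP 10.200.10.10.4350 > 10.200.10.1.8080: S 90949042:90949042(0) win 65535 <mss 8960,nop,nop,sackOK>
14:16:08.237376 IP 10.200.10.1.8080 > 10.200.10.10.4350: S 359732416:359732416(0) ack 90949043 win 5840 <mss 1460>
14:16:08.237493 IP 10.200.10.10.4350 > 10.200.10.1.8080: . ack 1 win 65535
14:16:08.239467 IP 10.200.10.1.8080 > 10.200.10.10.4350: R 359732417:359732417(0) win 0
"""

if __name__ == "__main__":
    cl, fw = parse(CLIENT, "8080"), parse(FIREWALL, "8080")
    print("seen by client only:  ", missing_at(fw, cl))
    print("seen by firewall only:", missing_at(cl, fw))
    print("firewall view of flow:", reset_after_handshake(fw, "8080"))
```

On these lines the 232-byte client push appears only in the client capture and the RST only in the firewall capture, which matches the mismatch described in the post.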