[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

connection problems



Hi!

Sorry for the large mail!

I have an opebsd 2.8 with the default webserver. There are some locations 
from outside my network from where i cannot reach my webserver. But most of 
the other locations see my server quite well.

here is a tcpdump from the webserver (193.230.232.65) when I connected to the 
webserver from somewhere outside (212.93.151.41).
//===============================
<root_(_dot_)_wheel_(_at_)_hpe35> [~] # tcpdump -n -i fxp0 host 212.93.151.41
tcpdump: listening on fxp0
17:23:00.466736 212.93.151.41.2675 > 193.230.232.65.80: SWE 
481112381:481112381(0) win 5840 <mss 1460,sackOK,timestamp 10863275 
0,nop,wscale 0> (DF)
17:23:00.466807 193.230.232.65.80 > 212.93.151.41.2675: S 
4126723343:4126723343(0) ack 481112382 win 17376 <mss 
1460,nop,nop,sackOK,nop,wscale 0,nop,nop,timestamp 2075 10863275>
17:23:02.470043 193.230.232.65.80 > 212.93.151.41.2529: R 
3996718667:3996718667(0) ack 3948598956 win 0
17:23:05.970037 193.230.232.65.80 > 212.93.151.41.2675: S 
4126723343:4126723343(0) ack 481112382 win 17376 <mss 
1460,nop,nop,sackOK,nop,wscale 0,nop,nop,timestamp 2086 10863275>
17:23:10.470223 193.230.232.65.80 > 212.93.151.41.2544: R 
4022565725:4022565725(0) ack 4078061454 win 0
17:23:15.160352 212.93.151.41.2675 > 193.230.232.65.80: P 1:326(325) ack 1 
win 5840 <nop,nop,timestamp 10864699 2086> (DF)
17:23:15.160414 193.230.232.65.80 > 212.93.151.41.2675: . ack 326 win 17051 
<nop,nop,timestamp 2105 10864699>
17:23:15.161428 193.230.232.65.80 > 212.93.151.41.2675: . 1:1449(1448) ack 
326 win 17376 <nop,nop,timestamp 2105 10864699>
17:23:15.161451 193.230.232.65.80 > 212.93.151.41.2675: P 1449:2049(600) ack 
326 win 17376 <nop,nop,timestamp 2105 10864699>
17:23:43.470052 193.230.232.65.80 > 212.93.151.41.2675: . 1:1449(1448) ack 
326 win 17376 <nop,nop,timestamp 2161 10864699>
17:24:40.470056 193.230.232.65.80 > 212.93.151.41.2675: . 1:1449(1448) ack 
326 win 17376 <nop,nop,timestamp 2275 10864699>
17:25:05.633270 212.93.151.41.2733 > 193.230.232.65.80: SWE 
635276292:635276292(0) win 5840 <mss 1460,sackOK,timestamp 10875794 
0,nop,wscale 0> (DF)
17:25:05.633345 193.230.232.65.80 > 212.93.151.41.2733: S 
4152887502:4152887502(0) ack 635276293 win 17376 <mss 
1460,nop,nop,sackOK,nop,wscale 0,nop,nop,timestamp 2326 10875794>
17:25:07.739412 212.93.151.41.2733 > 193.230.232.65.80: . ack 1 win 5840 
<nop,nop,timestamp 10875977 2326> (DF)
17:25:19.715680 212.93.151.41.2733 > 193.230.232.65.80: P 1:326(325) ack 1 
win 5840 <nop,nop,timestamp 10877184 2326> (DF)
17:25:19.715744 193.230.232.65.80 > 212.93.151.41.2733: . ack 326 win 17376 
<nop,nop,timestamp 2354 10877184>
17:25:19.716562 193.230.232.65.80 > 212.93.151.41.2733: . 1:1449(1448) ack 
326 win 17376 <nop,nop,timestamp 2354 10877184>
17:25:19.716584 193.230.232.65.80 > 212.93.151.41.2733: P 1449:2049(600) ack 
326 win 17376 <nop,nop,timestamp 2354 10877184>
17:25:21.984209 212.93.151.41.2733 > 193.230.232.65.80: . ack 1 win 5840 
<nop,nop,timestamp 10877401 2354,nop,nop,sack 1 {1449:2049} > (DF)
17:25:25.470051 193.230.232.65.80 > 212.93.151.41.2733: . 1:1449(1448) ack 
326 win 17376 <nop,nop,timestamp 2365 10877401>
17:25:37.470051 193.230.232.65.80 > 212.93.151.41.2733: . 1:1449(1448) ack 
326 win 17376 <nop,nop,timestamp 2389 10877401>
17:25:44.470052 193.230.232.65.80 > 212.93.151.41.2675: . 1:1449(1448) ack 
326 win 17376 <nop,nop,timestamp 2403 10864699>
^C
5603 packets received by filter
0 packets dropped by kernel
//======================================

the first syn from the client comes then the ack is sent by the server and 
immediately the server sends a reset! as I see... And I don't have any ideea 
what are the other flags WE in (SWE in the first tcpdump line).
>From another client machine outside my network I got the following tcpdump:

//===================================
17:29:38.836050 209.184.27.151.3300 > 193.230.232.65.80: S 
1751885152:1751885152(0) win 32120 <mss 1460,sackOK,timestamp 257938895 
0,nop,wscale 0> (DF)
17:29:38.836147 193.230.232.65.80 > 209.184.27.151.3300: S 
4195504312:4195504312(0) ack 1751885153 win 17376 <mss 
1460,nop,nop,sackOK,nop,wscale 0,nop,nop,timestamp 2872 257938895>
17:29:41.318989 209.184.27.151.3300 > 193.230.232.65.80: . ack 1 win 32120 
<nop,nop,timestamp 257939049 2872> (DF)
17:29:44.397386 209.184.27.151.3300 > 193.230.232.65.80: P 1:549(548) ack 1 
win 32120 <nop,nop,timestamp 257939349 2872> (DF)
17:29:44.397452 193.230.232.65.80 > 209.184.27.151.3300: . ack 549 win 17376 
<nop,nop,timestamp 2883 257939349>
17:29:44.398316 193.230.232.65.80 > 209.184.27.151.3300: . 1:1449(1448) ack 
549 win 17376 <nop,nop,timestamp 2883 257939349>
17:29:44.398339 193.230.232.65.80 > 209.184.27.151.3300: P 1449:2049(600) ack 
549 win 17376 <nop,nop,timestamp 2883 257939349>
17:29:47.022974 209.184.27.151.3300 > 193.230.232.65.80: . ack 2049 win 31856 
<nop,nop,timestamp 257939623 2883> (DF)
17:29:47.023034 193.230.232.65.80 > 209.184.27.151.3300: . 2049:3497(1448) 
ack 549 win 17376 <nop,nop,timestamp 2889 257939623>
17:29:47.023063 193.230.232.65.80 > 209.184.27.151.3300: . 3497:4945(1448) 
ack 549 win 17376 <nop,nop,timestamp 2889 257939623>
17:29:47.023092 193.230.232.65.80 > 209.184.27.151.3300: . 4945:6393(1448) 
ack 549 win 17376 <nop,nop,timestamp 2889 257939623>
17:29:49.447507 209.184.27.151.3300 > 193.230.232.65.80: . ack 4945 win 31856 
<nop,nop,timestamp 257939889 2889> (DF)
17:29:49.447560 193.230.232.65.80 > 209.184.27.151.3300: . 6393:7841(1448) 
ack 549 win 17376 <nop,nop,timestamp 2893 257939889>
17:29:49.447590 193.230.232.65.80 > 209.184.27.151.3300: . 7841:9289(1448) 
ack 549 win 17376 <nop,nop,timestamp 2893 257939889>
17:29:49.447619 193.230.232.65.80 > 209.184.27.151.3300: . 9289:10737(1448) 
ack
549 win 17376 <nop,nop,timestamp 2893 257939889>
17:29:51.942419 209.184.27.151.3300 > 193.230.232.65.80: . ack 9289 win 31856 
<nop,nop,timestamp 257940132 2893> (DF)
17:29:51.942484 193.230.232.65.80 > 209.184.27.151.3300: . 10737:12185(1448) 
ack 549 win 17376 <nop,nop,timestamp 2898 257940132>
17:29:51.942504 193.230.232.65.80 > 209.184.27.151.3300: FP 12185:12294(109) 
ack 549 win 17376 <nop,nop,timestamp 2898 257940132>
17:29:51.944772 209.184.27.151.3300 > 193.230.232.65.80: . ack 9289 win 31856 
<nop,nop,timestamp 257940132 2893> (DF)
17:29:53.209625 209.184.27.151.3300 > 193.230.232.65.80: . ack 10737 win 
31856 <nop,nop,timestamp 257940191 2893> (DF)
17:29:54.411684 209.184.27.151.3300 > 193.230.232.65.80: . ack 12295 win 
31856 <nop,nop,timestamp 257940374 2898> (DF)
17:29:54.414274 209.184.27.151.3300 > 193.230.232.65.80: F 549:549(0) ack 
12295
win 31856 <nop,nop,timestamp 257940376 2898> (DF)
17:29:54.414323 193.230.232.65.80 > 209.184.27.151.3300: . ack 550 win 17376 
<nop,nop,timestamp 2903 257940376>
//===================================

and the page was loaded in the browser properly. the only difference I see 
between the two tcpdumps is in the first line.. the SWE 

anybody knows anything about this? 

here are some configs I thought would be usefull:

//========================================\
<root_(_dot_)_wheel_(_at_)_hpe35> [~] # sysctl -a
kern.ostype = OpenBSD
kern.osrelease = 2.8
kern.osrevision = 200012
kern.version = OpenBSD 2.8 (conf) #2: Wed Mar 21 20:50:45 EET 2001
    root_(_at_)_hpe35_(_dot_)_umft_(_dot_)_ro:/usr/src/sys/arch/i386/conf

kern.maxvnodes = 1310
kern.maxproc = 532
kern.maxfiles = 1772
kern.argmax = 262144
kern.securelevel = 1
kern.hostname = hpe35.umft.ro
kern.hostid = 0
kern.clockrate = tick = 10000, tickadj = 40, hz = 100, profhz = 1024, stathz 
= 128
kern.posix1version = 199009
kern.ngroups = 16
kern.job_control = 1
kern.saved_ids = 1
kern.boottime = Mon Mar 26 17:05:43 2001
kern.domainname =
kern.maxpartitions = 16
kern.rawpartition = 2
kern.osversion = conf#2
kern.somaxconn = 128
kern.sominconn = 80
kern.usermount = 0
kern.random = 280385 575904 0 89300 4 776 0 0 0 0 0 0 25388 15244 171 12987 
6856 0 0 0 0 1 9 7 4 3 13 5 2682 2067 3092 1779 3777 2356 1503 1230 0 0 0 0 0 
0 0 0 0 4 0 0 0 6856 2 343 4623 13564 0 0 0 0 41 5722 67645 206996 0 0
kern.nosuidcoredump = 1
kern.fsync = 1
kern.sysvmsg = 1
kern.sysvsem = 1
kern.sysvshm = 1
kern.arandom = 2850605761
kern.msgbufsize = 8172
vm.loadavg = 1.07 0.85 0.59
vm.psstrings = 0xdfbfdff0
vm.swapencrypt.enable = 0
vm.swapencrypt.keyscreated = 0
vm.swapencrypt.keysdeleted = 0
fs.posix.setuid = 1
net.inet.ip.forwarding = 1
net.inet.ip.redirect = 0
net.inet.ip.ttl = 64
net.inet.ip.sourceroute = 0
net.inet.ip.directed-broadcast = 0
net.inet.ip.portfirst = 1024
net.inet.ip.portlast = 49151
net.inet.ip.porthifirst = 49152
net.inet.ip.porthilast = 65535
net.inet.ip.maxqueue = 300
net.inet.ip.encdebug = 0
net.inet.ip.ipsec-expire-acquire = 30
net.inet.ip.ipsec-invalid-life = 60
net.inet.ip.ipsec-pfs = 1
net.inet.ip.ipsec-soft-allocs = 0
net.inet.ip.ipsec-allocs = 0
net.inet.ip.ipsec-soft-bytes = 0
net.inet.ip.ipsec-bytes = 0
net.inet.ip.ipsec-timeout = 86400
net.inet.ip.ipsec-soft-timeout = 80000
net.inet.ip.ipsec-soft-firstuse = 3600
net.inet.ip.ipsec-firstuse = 7200
net.inet.ip.ipsec-enc-alg = aes
net.inet.ip.ipsec-auth-alg = hmac-sha1
net.inet.ip.mtudisc = 0
net.inet.ip.mtudisctimeout = 600
net.inet.icmp.maskrepl = 0
net.inet.icmp.bmcastecho = 0
net.inet.icmp.errppslimit = 100
net.inet.ipip.allow = 0
net.inet.tcp.rfc1323 = 1
net.inet.tcp.keepinittime = 150
net.inet.tcp.keepidle = 14400
net.inet.tcp.keepintvl = 150
net.inet.tcp.slowhz = 2
net.inet.tcp.baddynamic = 587,749,750,751,760,761,871
net.inet.tcp.recvspace = 16384
net.inet.tcp.sendspace = 16384
net.inet.tcp.sack = 1
net.inet.tcp.mssdflt = 512
net.inet.tcp.rstppslimit = 100
net.inet.udp.checksum = 1
net.inet.udp.baddynamic = 587,749
net.inet.udp.recvspace = 41600
net.inet.udp.sendspace = 9216
net.inet.gre.allow = 0
net.inet.esp.enable = 0
net.inet.ah.enable = 0
net.inet.mobileip.allow = 0
net.inet.etherip.allow = 0
net.inet6.ip6.forwarding = 0
net.inet6.ip6.redirect = 1
net.inet6.ip6.hlim = 64
net.inet6.ip6.maxfragpackets = 200
net.inet6.ip6.accept_rtadv = 0
net.inet6.ip6.keepfaith = 0
net.inet6.ip6.log_interval = 5
net.inet6.ip6.hdrnestlimit = 50
net.inet6.ip6.dad_count = 1
net.inet6.ip6.auto_flowlabel = 1
net.inet6.ip6.defmcasthlim = 1
net.inet6.ip6.kame_version = 19991208/OpenBSD-current
net.inet6.ip6.use_deprecated = 1
net.inet6.ip6.rr_prune = 5
net.inet6.icmp6.rediraccept = 1
net.inet6.icmp6.redirtimeout = 600
net.inet6.icmp6.nd6_prune = 1
net.inet6.icmp6.nd6_delay = 5
net.inet6.icmp6.nd6_umaxtries = 3
net.inet6.icmp6.nd6_mmaxtries = 3
net.inet6.icmp6.nd6_useloopback = 1
net.inet6.icmp6.nodeinfo = 1
net.inet6.icmp6.errppslimit = 100
net.inet6.icmp6.nd6_maxnudhint = 0
hw.machine = i386
hw.model = Intel Pentium III ("GenuineIntel" 686-class, 512KB L2 cache)
hw.ncpu = 1
hw.byteorder = 1234
hw.physmem = 133791744
hw.usermem = 132743168
hw.pagesize = 4096
machdep.console_device = ttyC0
machdep.bios.diskinfo.0 = bootdev = 0xa0000202, cylinders = 80, heads = 2, 
sectors = 18
machdep.bios.diskinfo.128 = bootdev = 0xa0000204, cylinders = 1023, heads = 
255, sectors = 63
machdep.bios.diskinfo.129 = bootdev = 0xa0000200, cylinders = 1022, heads = 
255, sectors = 63
machdep.bios.cksumlen = 1
machdep.allowaperture = 1
machdep.cpuvendor = GenuineIntel
machdep.cpuid = 1651
machdep.cpufeature = 58980863
machdep.apmwarn = 10
machdep.kbdreset = 0
user.cs_path = /usr/bin:/bin:/usr/sbin:/sbin:/usr/X11R6/bin:/usr/local/bin
user.bc_base_max = 2147483647
user.bc_dim_max = 65535
user.bc_scale_max = 2147483647
user.bc_string_max = 2147483647
user.coll_weights_max = 2
user.expr_nest_max = 32
user.line_max = 2048
user.re_dup_max = 255
user.posix2_version = 199212
user.posix2_c_bind = 0
user.posix2_c_dev = 0
user.posix2_char_term = 0
user.posix2_fort_dev = 0
user.posix2_fort_run = 0
user.posix2_localedef = 0
user.posix2_sw_dev = 0
user.posix2_upe = 0
user.stream_max = 20
user.tzname_max = 255
ddb.radix = 16
ddb.max_width = 80
ddb.max_line = 24
ddb.tab_stop_width = 8
ddb.panic = 1
ddb.console = 0
vfs.mounts.ffs has 7 mounted instances
vfs.ffs.doclusterread = 1
vfs.ffs.doclusterwrite = 1
vfs.ffs.doreallocblks = 1
vfs.ffs.doasyncfree = 1
vfs.nfs.iothreads = -1
<root_(_dot_)_wheel_(_at_)_hpe35> [~] #
//====================================




Visit your host, monkey.org