B
billsb
OK, I think I have what may be the strangest bug I've heard about....
I have an Acer laptop that's been working fairly well - attached to
the internet via 802.11 and a NAT box. The only problem I had been
having was getting the CISCO VPN client to stay connected - sooo...
last night I re-installed the VPN client plus Ethereal and pcap so i
could trace issues if it failed.
OK - here's the weird part... after running for a while I find I am
unable to connect with HTTP servers. Other TCP connections work
find. When I looked at the sniffer trace it appears the outgoing
connection requests have modified packets with the IP source of the
outgoing SYN matching the destination and the outgoing destination
address is something I've not seen before.
It only happens with HTTP and can be reproduced by doing a "telnet
<IP> 80"
The problem goes away if I connect using the VPN and stays gone for a
while if I disconnect from the VPN.
I removed all the software I installed and still have the problem so
I'm guessing that there must be some crumb of a filter that looks for
http traffic and messes with the packet.
As I said before, other non-http traffic is not modified and works
fine.
Any hints?
I have an Acer laptop that's been working fairly well - attached to
the internet via 802.11 and a NAT box. The only problem I had been
having was getting the CISCO VPN client to stay connected - sooo...
last night I re-installed the VPN client plus Ethereal and pcap so i
could trace issues if it failed.
OK - here's the weird part... after running for a while I find I am
unable to connect with HTTP servers. Other TCP connections work
find. When I looked at the sniffer trace it appears the outgoing
connection requests have modified packets with the IP source of the
outgoing SYN matching the destination and the outgoing destination
address is something I've not seen before.
It only happens with HTTP and can be reproduced by doing a "telnet
<IP> 80"
The problem goes away if I connect using the VPN and stays gone for a
while if I disconnect from the VPN.
I removed all the software I installed and still have the problem so
I'm guessing that there must be some crumb of a filter that looks for
http traffic and messes with the packet.
As I said before, other non-http traffic is not modified and works
fine.
Any hints?