[adminFFM 00103] https-Umleitung vs Autoupdater
Christof Schulze
christof.schulze at gmx.net
Mo Nov 13 23:53:45 CET 2017
Hallo Igor,
Vor einiger Zeit hattest Du eine vom user agent abhängige Umleitung auf
dem Download-server eingestellt. Der Autoupdater auf dem hagrid wird
trotzd Zugriff durch wget auf die https-Seite umgeleitet.
Der tcpdump zeigt, dass hierbei der User-Agent: uclient-fetch geliefert
wird.
Darf ich Dich bitten, uclient-fetch mit in Deine http-whitelist
aufzunehmen?
23:47:38.828072 IP (tos 0x0, ttl 64, id 17847, offset 0, flags [DF], proto TCP (6), length 145)
192.168.178.43.35248 > gateway.caleano.com.80: Flags [P.], cksum 0xcb0f (incorrect -> 0xc078), seq 1:94, ack 1, win 1825, options [nop,nop,TS val 746959 ecr 518970483], length 93: HTTP, length: 93
GET /babel-dev/sysupgrade/n_babel-work.manifest HTTP/1.1
Host: firmware.services.ffffm.net
E...E. at .@.*$...+. .....P./ ........!.......
..e....sGET /babel-dev/sysupgrade/n_babel-work.manifest HTTP/1.1
Host: firmware.services.ffffm.net
23:47:38.853463 IP (tos 0x0, ttl 50, id 41947, offset 0, flags [DF], proto TCP (6), length 52)
gateway.caleano.com.80 > 192.168.178.43.35248: Flags [.], cksum 0x5a8e (correct), seq 1, ack 94, win 227, options [nop,nop,TS val 518970490 ecr 746959], length 0
E..4.. at .2..\. .....+.P......./ .....Z......
...z..e.
23:47:38.853553 IP (tos 0x0, ttl 64, id 17848, offset 0, flags [DF], proto TCP (6), length 81)
192.168.178.43.35248 > gateway.caleano.com.80: Flags [P.], cksum 0xcacf (incorrect -> 0x49b8), seq 94:123, ack 1, win 1825, options [nop,nop,TS val 746965 ecr 518970490], length 29: HTTP
E..QE. at .@.*c...+. .....P./ ........!.......
..e....zUser-Agent: uclient-fetch
23:47:38.873411 IP (tos 0x0, ttl 50, id 41948, offset 0, flags [DF], proto TCP (6), length 52)
gateway.caleano.com.80 > 192.168.178.43.35248: Flags [.], cksum 0x5a66 (correct), seq 1, ack 123, win 227, options [nop,nop,TS val 518970495 ecr 746965], length 0
E..4.. at .2..[. .....+.P......./ .....Zf.....
......e.
23:47:38.921258 IP (tos 0x0, ttl 51, id 41949, offset 0, flags [DF], proto TCP (6), length 508)
gateway.caleano.com.80 > 192.168.178.43.35248: Flags [P.], cksum 0x67e1 (correct), seq 1:457, ack 123, win 227, options [nop,nop,TS val 518970499 ecr 746965], length 456: HTTP, length: 456
HTTP/1.1 301 Moved Permanently
Server: nginx/1.10.3 (Ubuntu)
Date: Mon, 13 Nov 2017 22:47:38 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
Location: https://firmware.services.ffffm.net/babel-dev/sysupgrade/n_babel-work.manifest
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.10.3 (Ubuntu)</center>
</body>
</html>
E..... at .3.... .....+.P......./ .....g......
......e.HTTP/1.1 301 Moved Permanently
Server: nginx/1.10.3 (Ubuntu)
Date: Mon, 13 Nov 2017 22:47:38 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
Location: https://firmware.services.ffffm.net/babel-dev/sysupgrade/n_babel-work.manifest
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.10.3 (Ubuntu)</center>
</body>
</html>
23:47:38.921336 IP (tos 0x0, ttl 64, id 17849, offset 0, flags [DF], proto TCP (6), length 52)
192.168.178.43.35248 > gateway.caleano.com.80: Flags [.], cksum 0xcab2 (incorrect -> 0x5208), seq 123, ack 457, win 1892, options [nop,nop,TS val 746982 ecr 518970499], length 0
E..4E. at .@.*....+. .....P./ ....k...d.......
..e.....
23:47:38.921556 IP (tos 0x0, ttl 64, id 17850, offset 0, flags [DF], proto TCP (6), length 52)
192.168.178.43.35248 > gateway.caleano.com.80: Flags [F.], cksum 0xcab2 (incorrect -> 0x5207), seq 123, ack 457, win 1892, options [nop,nop,TS val 746982 ecr 518970499], length 0
E..4E. at .@.*~...+. .....P./ ....k...d.......
..e.....
23:47:38.939177 IP (tos 0x0, ttl 51, id 41950, offset 0, flags [DF], proto TCP (6), length 52)
gateway.caleano.com.80 > 192.168.178.43.35248: Flags [F.], cksum 0x5879 (correct), seq 457, ack 124, win 227, options [nop,nop,TS val 518970513 ecr 746982], length 0
E..4.. at .3..Y. .....+.P.....k./ .....Xy.....
viele Grüße
Christof
--
() ascii ribbon campaign - against html e-mail
/\ against proprietary attachments
-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde abgetrennt...
Dateiname : signature.asc
Dateityp : application/pgp-signature
Dateigröße : 195 bytes
Beschreibung: nicht verfügbar
URL : <http://lists.freifunk.net/mailman/private/admin-ffm-freifunk.net/attachments/20171113/08007d1f/attachment.sig>
Mehr Informationen über die Mailingliste admin-ffm