Comment 8 for bug 98798

Revision history for this message
Pablo Catalina (xkill) wrote :

It's a problem with art.gnome.org, it reject the connection (may by an IDS or L7 Firewall)
I show strace:
[...]
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 6
connect(6, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("192.168.23.23")}, 28) = 0
fcntl64(6, F_GETFL) = 0x2 (flags O_RDWR)
fcntl64(6, F_SETFL, O_RDWR|O_NONBLOCK) = 0
gettimeofday({1211481595, 242558}, NULL) = 0
poll([{fd=6, events=POLLOUT, revents=POLLOUT}], 1, 0) = 1
send(6, "\226;\1\0\0\1\0\0\0\0\0\0\3art\5gnome\3org\0\0\1\0\1", 31, MSG_NOSIGNAL) = 31
poll([{fd=6, events=POLLIN, revents=POLLIN}], 1, 5000) = 1
ioctl(6, FIONREAD, [222]) = 0
recvfrom(6, "\226;\201\200\0\1\0\2\0\6\0\0\3art\5gnome\3org\0\0\1\0"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("192.168.23.23")}, [16]) = 222
close(6) = 0
socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 6
fcntl64(6, F_GETFL) = 0x2 (flags O_RDWR)
fcntl64(6, F_SETFL, O_RDWR|O_NONBLOCK) = 0
connect(6, {sa_family=AF_INET, sin_port=htons(80), sin_addr=inet_addr("209.132.176.176")}, 16) = -1 EINPROGRESS (Operation now in progress)
select(8, [3], [6], [6], NULL) = 1 (out [6])
connect(6, {sa_family=AF_INET, sin_port=htons(80), sin_addr=inet_addr("209.132.176.176")}, 16) = 0
fcntl64(6, F_SETFL, O_RDWR) = 0
fcntl64(6, F_GETFL) = 0x2 (flags O_RDWR)
fstat64(6, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb67aa000
_llseek(6, 0, 0xbf83f590, SEEK_CUR) = -1 ESPIPE (Illegal seek)
fcntl64(6, F_GETFL) = 0x2 (flags O_RDWR)
fstat64(6, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb67a4000
_llseek(6, 0, 0xbf83f590, SEEK_CUR) = -1 ESPIPE (Illegal seek)
select(4, [3], [], [], {0, 0}) = 0 (Timeout)
sigprocmask(SIG_SETMASK, [], NULL) = 0
sigprocmask(SIG_BLOCK, NULL, []) = 0
[...]
select(8, [3], [6], [], NULL) = 1 (out [6])
select(8, [3], [6], [], NULL) = 1 (out [6])
write(6, "GET / HTTP/1.1\r\nAccept: */*\r\nHos"..., 52) = 52
sigprocmask(SIG_BLOCK, NULL, []) = 0
[...]
select(7, [3 6], [], [], {59, 999555}) = 1 (in [6], left {59, 736000})
read(6, 0x80aa878, 1024) = -1 ECONNRESET (Connection reset by peer)
gettimeofday({1211481595, 779961}, NULL) = 0
[...]

And the tcp traffic:
$ sudo ngrep -d ath0 port 80
interface: ath0 (192.168.23.0/255.255.255.0)
filter: (ip or ip6) and ( port 80 )
####
T 192.168.23.142:45793 -> 209.132.176.176:80 [AP]
  GET / HTTP/1.1..Accept: */*..Host: art.gnome.org....
#
T 209.132.176.176:80 -> 192.168.23.142:45793 [R]
  ......

So I try to connect to art.gnome.org with:
1) Firefox: Works
2) Links (text based): Works
3) Netcat:
nc art.gnome.org 80
GET / HTTP/1.1

and the server reset de connection.

So I think the program needs more HTTP Headers.