This is a discussion on weird http proxy/firewall problem within the Linux Networking forums, part of the Linux Forums category.
Hi Group,

I hope someone can help here or suggest a direction to try. I have set up a Linux box to act as an http firewall/proxy/DSL Gateway for my home network. It also serves as DHCP server for the home network, and as http server for a small internet site, using dyndns to make it reachable via dns name. The idea was that if I have an "always up" machine it should do as much as possible.

That all works fine, the *only* problem is that certain sites (i.e. http dns addresses) are not reachable by browser from machines within the home network. It is only a few particular addresses, most work fine. The examples I have found are actually all .de domains (I am in Germany), though conversely some .de domains do work. For example:

www.yahoo.de
www.bahn.de
www.epost.de

are all problematic, whereas

www.yahoo.com
www.spiegel.de

are both ok. Sites seem to behave the same at all times, those that work always work and those that do not never work.

With the addresses that are not reachable by browser from within the home network, the browser simply waits for ages and then gives a timeout error or the "document contains no data" message. The addresses that are not loadable in the browser from within the home network CAN be loaded from a browser directly on the gateway/proxy machine, and can be pinged from BOTH the proxy AND from machines within the network, both giving the same ip address. Entering this IP address in the browser directly doesn't help though. It is almost as if the proxy server were configured for child protection and had decided that sites like bahn.de and epost.de were pornographic!

Everything else I need works fine within the home network, Usenet, ICQ, IRC, POP/SMTP, some P2P stuff etc. I am running Mandrake Linux 9.1 with a Fritz!DSL SL card. Probably that means the firewall is shorewall though I've done the configuration via the GUI as far as possible so I'm not sure there.

Does anybody have any ideas? I'd be most grateful even for vague suggestions since I'm stumped on this one and it is spoiling my otherwise great setup.

Many thanks in advance

David
OK people, just in case anyone is interested or someone else has the same problem and finds this thread, I found the problem if not the solution, thanks to another group. It is a nasty little beast called PMTUD (try google). E.g. http://www.netheaven.com/pmtu.html

David

"David Johnstone" <david_ffm@mail.com> wrote in message news:<bo96vj$ivh$01$1@news.t-online.com>...
> Hi Group,
>
> I hope someone can help here or suggest a direction to try.
>...
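
A way to check for the PMTUD condition named in this thread, added here as an editor's example and not part of either post: ordinary pings are small and succeed, so the script sends echo requests with the Don't Fragment bit set and binary-searches for the largest payload that still gets a reply. It assumes Linux iputils `ping` (`-M do`); the function names `probe` and `path_mtu`, the `PROBE` override and the 548 to 1472 search range are hypothetical choices for this sketch.

```shell
#!/bin/sh
# Added example (not from the thread). Estimates the path MTU towards a host
# by probing with DF-set ICMP echoes of varying payload size.

# probe SIZE HOST: succeeds only if an echo with SIZE payload bytes and the
# Don't Fragment bit set is answered. A silently dropped packet (filtered
# ICMP "fragmentation needed") and an explicit error both count as failure.
probe() {
    ping -M do -c 1 -W 2 -s "$1" "$2" >/dev/null 2>&1
}

# path_mtu HOST [LOW] [HIGH]: prints the estimated path MTU in bytes, or 0
# if even the LOW payload gets no reply. Set PROBE to substitute another
# probe command (used for offline testing).
path_mtu() {
    host=$1
    lo=${2:-548}     # 548 + 28 = 576 bytes
    hi=${3:-1472}    # 1472 + 28 = 1500 bytes, the Ethernet MTU
    if ! "${PROBE:-probe}" "$lo" "$host"; then
        echo 0
        return 1
    fi
    # Invariant: payload $lo is known to pass, nothing above $hi can pass.
    while [ "$lo" -lt "$hi" ]; do
        mid=$(( (lo + hi + 1) / 2 ))
        if "${PROBE:-probe}" "$mid" "$host"; then
            lo=$mid
        else
            hi=$(( mid - 1 ))
        fi
    done
    # 20 bytes IPv4 header + 8 bytes ICMP header on top of the payload.
    echo $(( lo + 28 ))
}

# Stand-alone use: ./pmtu.sh HOST
if [ "$#" -gt 0 ]; then
    path_mtu "$@"
fi
```

Run it from a LAN client against one of the sites that fails. A result below 1500 means full-size packets from that client do not fit the path, so connections depend on PMTUD working.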