gpatel-fr wrote: ↑August 18th, 2019, 9:47 pm
axel2078 wrote: ↑August 18th, 2019, 8:44 pm
I tried this from a CentOS host on my network behind IPFire and it just times out.
[user@CentOS ~]$ wget
https://mail.mantech.com/owa
--2019-08-18 15:33:52--
https://mail.mantech.com/owa
Resolving mail.mantech.com (mail.mantech.com)... 108.174.241.57
Connecting to mail.mantech.com (mail.mantech.com)|108.174.241.57|:443... failed: Connection timed out.
It should be relatively easy to debug then. Install tshark on pakfire.
Then run on ipfire:
tshark -i green0 host 108.174.241.57
then run on your Centos station
wget
https://mail.mantech.com
You should see at least the SYN packet and either retransmission packets or more on the ipfire screen. Paste it here.
Then same thing but replace green by red:
tshark -i red0 host 108.174.241.57
and run again wget
https://mail.mantech.com
Paste the new tshark trace (if any)
Here's the capture from green 0. I got a lot of retries. I got bored and eventually killed it after the 7th retry.
[root@ipfire-64 ~]# tshark -i green0 host 108.174.241.57
Running as user "root" and group "root". This could be dangerous.
Capturing on 'green0'
1 0.000000000 192.168.15.9 → 108.174.241.57 TCP 74 36130 → 443 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=29598030 TSecr=0 WS=128
2 1.001897370 192.168.15.9 → 108.174.241.57 TCP 74 [TCP Retransmission] 36130 → 443 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=29599032 TSecr=0 WS=128
3 3.005929603 192.168.15.9 → 108.174.241.57 TCP 74 [TCP Retransmission] 36130 → 443 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=29601036 TSecr=0 WS=128
4 7.010032173 192.168.15.9 → 108.174.241.57 TCP 74 [TCP Retransmission] 36130 → 443 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=29605040 TSecr=0 WS=128
5 15.026191929 192.168.15.9 → 108.174.241.57 TCP 74 [TCP Retransmission] 36130 → 443 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=29613056 TSecr=0 WS=128
6 31.058549046 192.168.15.9 → 108.174.241.57 TCP 74 [TCP Retransmission] 36130 → 443 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=29629088 TSecr=0 WS=128
7 63.155256183 192.168.15.9 → 108.174.241.57 TCP 74 [TCP Retransmission] 36130 → 443 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=29661184 TSecr=0 WS=128
Here's my output from red0. Again, I stopped after the 7th retry.
[root@ipfire-64 ~]# tshark -i red0 host 108.174.241.57
Running as user "root" and group "root". This could be dangerous.
Capturing on 'red0'
1 0.000000000 75.132.128.33 → 108.174.241.57 TCP 74 36146 → 443 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=29763152 TSecr=0 WS=128
2 1.001904318 75.132.128.33 → 108.174.241.57 TCP 74 [TCP Retransmission] 36146 → 443 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=29764154 TSecr=0 WS=128
3 3.007925291 75.132.128.33 → 108.174.241.57 TCP 74 [TCP Retransmission] 36146 → 443 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=29766160 TSecr=0 WS=128
4 7.016032537 75.132.128.33 → 108.174.241.57 TCP 74 [TCP Retransmission] 36146 → 443 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=29770168 TSecr=0 WS=128
5 15.024179315 75.132.128.33 → 108.174.241.57 TCP 74 [TCP Retransmission] 36146 → 443 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=29778176 TSecr=0 WS=128
6 31.056512785 75.132.128.33 → 108.174.241.57 TCP 74 [TCP Retransmission] 36146 → 443 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=29794208 TSecr=0 WS=128
7 63.153213321 75.132.128.33 → 108.174.241.57 TCP 74 [TCP Retransmission] 36146 → 443 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=29826304 TSecr=0 WS=128