Ah ha - Re: UAMALLOWED and HTTPS (to select.worldpay.com)
Derek C
derekchilli at hssl.ie
Wed Apr 29 14:38:27 UTC 2009
Hi again,
Ok: Now I realised something. Its Worldpay that's doing the blocking when
traffic is routing via my Coova Chilli box (BTW Worldpay is a credit/debit
card payment gateway - a part of the Royal Bank of Scotland group).
I can add another site to the uamallowed directive and access their SSL
site fine (and "telnet SITE 443" works fine too).
What could it be that Worldpay is identifying with Coova Chilli traffic
and makes them drop it?
On my Coova Chilli AP I'm doing the usual NAT handling with "iptables -t
nat -A POSTROUTING -o eth0 -j MASQUERADE" and if I don't use Coova Chilli
and put an IP on the wifi AP interface then Worldpay does NOT block my
connection (i.e. it only happens when Coova Chilli is handling the IP DHCP
allocation).
Maybe its something with the masquerading not fully handling the IP
mapping - something that makes Worldpay reject the traffic due to, in
their opinion, IP spoofing?
Derek
On Wed, April 29, 2009 3:06 pm, Johan Meiring wrote:
> Derek C wrote:
>
>> Hi Johan,
>>
>>
>> Below is the output of "tcpdump -vvntttt -i ath0 dst 155.136.66.34"
>> (where
>> that IP is select.worldpay.com).
>>
>
> Your filter is of such a nature that you will only see outgoing traffic.
>
>
> tcpdump -vvntttt -i ath0 host 155.136.66.34 ^^^^
> is better.
>
> Also you are filtering other traffic.
>
>
> Best to use:
> tcpdump -vvntttt -s 1500 -i ath0 (-s 1500 makes it capture the whole
> packet, and you then get more info)
>
> If you feel the output is too long, use something like pastebin.com
>
>
>
> --
>
>
>
> Johan Meiring
> Amobia Communications
> Tel: (0861) AMOBIA / (0861) 266242
> Fax: (0861) AMOFAX / (0861) 266329
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: chilli-unsubscribe at coova.org
> For additional commands, e-mail: chilli-help at coova.org
> Wiki: http://coova.org/wiki/index.php/CoovaChilli
> Forum: http://coova.org/phpBB3/viewforum.php?f=4
>
>
>
--
Derek C
In Ireland
More information about the Chilli
mailing list