[Chilli] Crazy TCP resets when CoovaChilli is enabled (UAM redirection problem)

[Yuh-Rong Leu]

Web redirection doesn't work stably with my CoovaChilli/OpenWrt box. Here
are the test results:

If the browser home page is set to http://www.google.com:
- IE9 is seldom redirected to the welcome/login page
- Chrome 10 is redirected to the welcome/login page most of the time.
- Firefox 4 is is redirected to the welcome/login page most of the time.

If the browser home page is set to http://www.microsoft.com:
- Redirection works quite fine with all kinds of browsers.

If the browser home page is set to http://www.apple.com or
http://www.bing.com:
- Redirection does not work at all with any browsers.

Peeking the packets with Wireshark, I found TCP connections are reset
several times by CoovaChilli/OpenWrt. And some TCP reset messages sent by
CoovaChilli/OpenWrt have insanely large SEQ number. As the attached
Wireshard packet capture, which was generated by "telnet 64.233.183.105 80,"
shows, 5 RST messages were sent, and 4 of them are with Seq=1246334216.

I believe it's these crazy RST messages that make UAM redirection not work
stably. I doubt the RST messages were due to Firwall rules CoovaChilli added
to iptables, but I have not been able to figure out where the firewall rules
reside.

Can anyone tell how CoovaChilli manipulates iptables before it sends HTTP
302 Moved Temporarily for UAM redireciton?

Yuh-Rong Leu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.coova.org/pipermail/chilli/attachments/20110426/2236c607/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CrazyTcpReset.gif
Type: image/gif
Size: 125244 bytes
Desc: not available
URL: <http://lists.coova.org/pipermail/chilli/attachments/20110426/2236c607/attachment-0001.gif>