[Chilli] Crazy TCP resets when CoovaChilli is enabled (UAM redirection problem)
Yuh-Rong Leu
yuhrong.leu at gmail.com
Wed May 4 11:03:22 UTC 2011
Attached please find the Wireshark packet captures before and after the
change.
As you can see, there are many strange TCP reset messages (with nonsense SEQ
numbers) in before.pcap.
Yuh-Rong Leu
2011/5/4 David Bird <david at coova.com>
> Hi, after your change, do you see duplicate packets on the dhcpif
> interface? What do your iptables rules look l like? My suspicion is that
> both the kernel and chilli are forwarding packets off of the dhcpif ... In
> iptables, you should have a DROP for the FORWARD coming in from the dhcpif.
>
> --
> David Bird
> Coova Technologies, LLC
>
> On Apr 27, 2011, at 4:33 PM, Yuh-Rong Leu <yuhrong.leu at gmail.com> wrote:
>
> I found the root cause of the crazy TCP reset messages.
>
> In dhcp.c, the dhcp_data_req() function calls dhcp_undoDNAT with the
> do_reset parameter set to 1 when authstate == DHCP_AUTH_DNAT (at around
> line# 4074). Therefore, crazy TCP reset messages will be sent inside
> dhcp_undoDNAT.
>
> After the code is changed to use 0 for the do_reset parameter when calling
> dhcp_undoDNAT, the problem goes away, and Web redirection works well with
> any triggering any URL on any browser.
>
> Yuh-Rong Leu
>
>
>
> 2011/4/26 Yuh-Rong Leu <yuhrong.leu at gmail.com>
>
>> Web redirection doesn't work stably with my CoovaChilli/OpenWrt box. Here
>> are the test results:
>>
>> If the browser home page is set to http://www.google.com:
>> - IE9 is seldom redirected to the welcome/login page
>> - Chrome 10 is redirected to the welcome/login page most of the time.
>> - Firefox 4 is is redirected to the welcome/login page most of the time.
>>
>> If the browser home page is set to http://www.microsoft.com:
>> - Redirection works quite fine with all kinds of browsers.
>>
>> If the browser home page is set to http://www.apple.com or
>> http://www.bing.com:
>> - Redirection does not work at all with any browsers.
>>
>> Peeking the packets with Wireshark, I found TCP connections are reset
>> several times by CoovaChilli/OpenWrt. And some TCP reset messages sent by
>> CoovaChilli/OpenWrt have insanely large SEQ number. As the attached
>> Wireshard packet capture, which was generated by "telnet 64.233.183.105 80,"
>> shows, 5 RST messages were sent, and 4 of them are with Seq=1246334216.
>>
>> I believe it's these crazy RST messages that make UAM redirection not work
>> stably. I doubt the RST messages were due to Firwall rules CoovaChilli added
>> to iptables, but I have not been able to figure out where the firewall rules
>> reside.
>>
>> Can anyone tell how CoovaChilli manipulates iptables before it sends HTTP
>> 302 Moved Temporarily for UAM redireciton?
>>
>> Yuh-Rong Leu
>>
>
> _______________________________________________
> Chilli mailing list
> Chilli at coova.org
> http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.coova.org/pipermail/chilli/attachments/20110504/ff049974/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: after.pcap
Type: application/octet-stream
Size: 81943 bytes
Desc: not available
URL: <http://lists.coova.org/pipermail/chilli/attachments/20110504/ff049974/attachment-0002.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: before.pcap
Type: application/octet-stream
Size: 8974 bytes
Desc: not available
URL: <http://lists.coova.org/pipermail/chilli/attachments/20110504/ff049974/attachment-0003.obj>
More information about the Chilli
mailing list