View previous topic :: View next topic |
Author |
Message |
stegerpl Apprentice
Joined: 25 Jun 2005 Posts: 185 Location: 48°19'30"N 14°20'18"E
|
Posted: Mon Jul 05, 2010 8:14 pm Post subject: problem with cookies |
|
|
Hi,
I have a heating control behind a DSL-modem (Austria) which I can access via internet for remote control - NAT within the router + dyndns.
The heating control offers a web-interface which registers one single user by a cookie (four single characters, upper case). This cookie has to be sent by each action (moving within the different menu levels). If this fails the interface just returns an error message that another user is already logged in.
When I access from a Windows machinge everything is fine. But from my gentoo machine I get the error message after login. I can not move within the menu levels at all.
I checked already if the cookie is accepted (by my gentoo machine) => yes, looks fine (firefox shows it)
I tried firefox, konqueror and opera => all the same
I tried to disable iptables => the same
When I connect from my vmware - Windows (on my gentoo machine) => the same
I also checked the ASCII-coding => ISO-8859-1 as well -15 and UTF-8 (within firefox, my gentoo uses UTF-8 )
The producer of the heating control claims, that they can not reproduce this effect by working with fedora and suse (I guess from a virtual machine). However they are willing to help me to resolve the problem.
I think that my gentoo makes some small changes with the cookies while sending them - or is it possible, that the system blocks the sending of the cookies at all ?
Any Ideas?
Which information do you need to help me?
kernel = 2.6.32
Peter _________________ [1]... AMD Phenon X4-9950 on asus M3N78-EM with 4 GB of RAM - gentoo 10.1 - kernel 2.6.32 - kde 4.3.4
[2]... AMD Athlon XP 2500+ mobile on ASUS A7N8X with 512 kB RAM and 2xTT S-2300 - vdr-1.6.0 based on gentoo-2008.0 |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21633
|
Posted: Mon Jul 05, 2010 9:38 pm Post subject: |
|
|
If this application uses plain HTTP, which would be very bad, try to get a packet capture of it. If it is using HTTPS, a browser extension may be able to log the traffic. You say that it fails for a Windows guest running on your Gentoo host, correct? Were you using Internet Explorer or Firefox in the Windows guest? My first thought is that they failed to support non-IE browsers, though their willingness to help troubleshoot a problem reported by a Linux user could be seen to argue that they are aware of non-IE browsers. |
|
Back to top |
|
|
aCOSwt Bodhisattva
Joined: 19 Oct 2007 Posts: 2537 Location: Hilbert space
|
Posted: Mon Jul 05, 2010 9:47 pm Post subject: Re: problem with cookies |
|
|
Sorry for not understanding everything.
stegerpl wrote: | This cookie has to be sent by each action |
Who is "sending" the cookie to who ?
From my understanding : At first the heating system to your computer being the client, then following what you write, the cookie serving to indentify your computer would be sent back to the host while moving within menu levels ?
How does your client "send" a cookie ?
a/ Is there some javascript filling a form field with the content of the cookie ?
b/ Is it some php script on the server fetching the cookie on your computer when requested to move within menu levels ?
BTW is ecma/java scripting enabled on your browsers ? |
|
Back to top |
|
|
Mad Merlin Veteran
Joined: 09 May 2005 Posts: 1155
|
Posted: Mon Jul 05, 2010 11:25 pm Post subject: Re: problem with cookies |
|
|
aCOSwt wrote: | Sorry for not understanding everything.
stegerpl wrote: | This cookie has to be sent by each action |
Who is "sending" the cookie to who ?
From my understanding : At first the heating system to your computer being the client, then following what you write, the cookie serving to indentify your computer would be sent back to the host while moving within menu levels ?
How does your client "send" a cookie ?
a/ Is there some javascript filling a form field with the content of the cookie ?
b/ Is it some php script on the server fetching the cookie on your computer when requested to move within menu levels ?
BTW is ecma/java scripting enabled on your browsers ? |
Cookies are always sent along with the request headers that the browser sends to the server, that's how HTTP works. _________________ Game! - Where the stick is mightier than the sword! |
|
Back to top |
|
|
stegerpl Apprentice
Joined: 25 Jun 2005 Posts: 185 Location: 48°19'30"N 14°20'18"E
|
Posted: Tue Jul 06, 2010 4:04 pm Post subject: |
|
|
Hi and thanks to everyone...
@Hu: I was running Windoof XP as a client within my gentoo Linux host with vmware. Within the Windoof XP client I am using only IE (the same version as on the Windoof machine where everything works).
@aC0Swt & Mad Merlin: is there a (simple) way to check the request header for the correct cookie ? Is it possible that there is an option somewhere within gentoo-linux which makes trouble with this request header (e.g. changing upper/lowe case) ?
Peter _________________ [1]... AMD Phenon X4-9950 on asus M3N78-EM with 4 GB of RAM - gentoo 10.1 - kernel 2.6.32 - kde 4.3.4
[2]... AMD Athlon XP 2500+ mobile on ASUS A7N8X with 512 kB RAM and 2xTT S-2300 - vdr-1.6.0 based on gentoo-2008.0 |
|
Back to top |
|
|
stegerpl Apprentice
Joined: 25 Jun 2005 Posts: 185 Location: 48°19'30"N 14°20'18"E
|
Posted: Tue Jul 06, 2010 4:34 pm Post subject: |
|
|
Hi,
I checked (for the first time) with tcpdump and the output shows as follows:
Code: | minbar-16 gentoo # tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
18:30:59.446998 IP [gentoo].58736 > 195.96.0.4.domain: 9757+ PTR? 3.1.168.192.in-addr.arpa. (42)
18:30:59.451393 IP [gentoo].34216 > 195.96.0.4.domain: 29981+ PTR? 3.1.168.192.in-addr.arpa. (42)
18:30:59.460986 IP 195.96.0.4.domain > [gentoo].58736: 9757 NXDomain 0/1/0 (119)
18:30:59.461129 IP [gentoo].51005 > 195.96.0.4.domain: 36075+ PTR? 158.78.55.87.in-addr.arpa. (43)
18:30:59.465438 IP 195.96.0.4.domain > [gentoo].34216: 29981 NXDomain 0/1/0 (119)
18:30:59.465579 IP [gentoo].45961 > 195.96.0.4.domain: 31860+ PTR? 158.78.55.87.in-addr.arpa. (43)
18:30:59.474536 IP 195.96.0.4.domain > [gentoo].51005: 36075 1/2/2 PTR 0x57374e9e.cpe.ge-0-1-0-1101.nynqu1.customer.tele.dk. (198)
18:30:59.475555 IP [gentoo].38412 > 195.96.0.4.domain: 59238+ PTR? 71.96.3.195.in-addr.arpa. (42)
18:30:59.479516 IP 195.96.0.4.domain > [gentoo].45961: 31860 1/2/2 PTR 0x57374e9e.cpe.ge-0-1-0-1101.nynqu1.customer.tele.dk. (198)
18:30:59.480438 IP [gentoo].51589 > 195.96.0.4.domain: 2912+ PTR? 71.96.3.195.in-addr.arpa. (42)
18:30:59.489364 IP 195.96.0.4.domain > [gentoo].38412: 59238 1/3/2 PTR email-aon.highway.telekom.at. (176)
18:30:59.489636 IP [gentoo].46686 > 195.96.0.4.domain: 1945+ PTR? 12.15.187.204.in-addr.arpa. (44)
18:30:59.494760 IP 195.96.0.4.domain > [gentoo].51589: 2912 1/3/2 PTR email-aon.highway.telekom.at. (176)
18:30:59.495197 IP [gentoo].43642 > 195.96.0.4.domain: 38841+ PTR? 12.15.187.204.in-addr.arpa. (44)
18:30:59.503592 IP 195.96.0.4.domain > [gentoo].46686: 1945 1/3/0 PTR forums.gentoo.org. (138)
18:30:59.508710 IP [gentoo].56809 > 195.96.0.4.domain: 32139+ PTR? 4.0.96.195.in-addr.arpa. (41)
18:30:59.509779 IP 195.96.0.4.domain > [gentoo].43642: 38841 1/3/0 PTR forums.gentoo.org. (138)
18:30:59.513611 IP [gentoo].36981 > 195.96.0.4.domain: 43977+ PTR? 4.0.96.195.in-addr.arpa. (41)
18:30:59.522576 IP 195.96.0.4.domain > [gentoo].56809: 32139 1/3/3 PTR cdns1.utanet.at. (178)
18:30:59.526813 IP 195.96.0.4.domain > [gentoo].36981: 43977 1/3/3 PTR cdns1.utanet.at. (178)
18:31:01.442454 IP [gentoo].51694 > 195.96.0.4.domain: 12355+ PTR? 3.1.168.192.in-addr.arpa. (42)
18:31:01.448573 IP [gentoo].50288 > 195.96.0.4.domain: 6683+ PTR? 3.1.168.192.in-addr.arpa. (42)
18:31:01.456037 IP 195.96.0.4.domain > [gentoo].51694: 12355 NXDomain 0/1/0 (119)
18:31:01.456156 IP [gentoo].54468 > 195.96.0.4.domain: 42391+ PTR? 158.78.55.87.in-addr.arpa. (43)
18:31:01.462862 IP 195.96.0.4.domain > [gentoo].50288: 6683 NXDomain 0/1/0 (119)
18:31:01.462941 IP [gentoo].48783 > 195.96.0.4.domain: 31644+ PTR? 158.78.55.87.in-addr.arpa. (43)
18:31:01.470698 IP 195.96.0.4.domain > [gentoo].54468: 42391 1/2/2 PTR 0x57374e9e.cpe.ge-0-1-0-1101.nynqu1.customer.tele.dk. (198)
18:31:01.471742 IP [gentoo].57174 > 195.96.0.4.domain: 29553+ PTR? 71.96.3.195.in-addr.arpa. (42)
18:31:01.477902 IP 195.96.0.4.domain > [gentoo].48783: 31644 1/2/2 PTR 0x57374e9e.cpe.ge-0-1-0-1101.nynqu1.customer.tele.dk. (198)
18:31:01.478967 IP [gentoo].59548 > 195.96.0.4.domain: 1972+ PTR? 71.96.3.195.in-addr.arpa. (42)
18:31:01.487208 IP 195.96.0.4.domain > [gentoo].57174: 29553 1/3/2 PTR email-aon.highway.telekom.at. (176)
18:31:01.487496 IP [gentoo].51641 > 195.96.0.4.domain: 289+ PTR? 12.15.187.204.in-addr.arpa. (44)
18:31:01.492898 IP 195.96.0.4.domain > [gentoo].59548: 1972 1/3/2 PTR email-aon.highway.telekom.at. (176)
18:31:01.493090 IP [gentoo].46330 > 195.96.0.4.domain: 43605+ PTR? 12.15.187.204.in-addr.arpa. (44)
18:31:01.502111 IP 195.96.0.4.domain > [gentoo].51641: 289 1/3/0 PTR forums.gentoo.org. (138)
18:31:01.505290 IP [gentoo].38569 > 195.96.0.4.domain: 15223+ PTR? 4.0.96.195.in-addr.arpa. (41)
18:31:01.507435 IP 195.96.0.4.domain > [gentoo].46330: 43605 1/3/0 PTR forums.gentoo.org. (138)
18:31:01.511535 IP [gentoo].56717 > 195.96.0.4.domain: 57970+ PTR? 4.0.96.195.in-addr.arpa. (41)
18:31:01.519724 IP 195.96.0.4.domain > [gentoo].38569: 15223 1/3/3 PTR cdns1.utanet.at. (178)
18:31:01.526156 IP 195.96.0.4.domain > [gentoo].56717: 57970 1/3/3 PTR cdns1.utanet.at. (178)
18:31:01.846072 IP [gentoo].33579 > 195.96.0.4.domain: 42239+ A? stp6632.dyndns.org. (36)
18:31:01.884876 IP 195.96.0.4.domain > [gentoo].33579: 42239 1/5/2 A [heating] (174)
18:31:01.887913 IP [gentoo].51043 > [heating].http: Flags [S], seq 1391601140, win 5520, options [mss 1380,sackOK,TS val 1927615 ecr 0,nop,wscale 7], length 0
18:31:01.936184 IP [heating].http > [gentoo].51043: Flags [S.], seq 2297013212, ack 1391601141, win 576, options [mss 576], length 0
18:31:01.936234 IP [gentoo].51043 > [heating].http: Flags [.], ack 1, win 5520, length 0
18:31:01.936292 IP [gentoo].51043 > [heating].http: Flags [.], seq 1:289, ack 1, win 5520, length 288
18:31:01.936302 IP [gentoo].51043 > [heating].http: Flags [P.], seq 289:416, ack 1, win 5520, length 127
18:31:01.994066 IP [heating].http > [gentoo].51043: Flags [.], ack 289, win 576, length 0
18:31:02.078986 IP [heating].http > [gentoo].51043: Flags [P.], seq 1:523, ack 289, win 576, length 522
18:31:02.079051 IP [gentoo].51043 > [heating].http: Flags [.], ack 523, win 6264, length 0
18:31:02.083518 IP [heating].http > [gentoo].51043: Flags [.], ack 416, win 576, length 0
18:31:02.118306 IP [heating].http > [gentoo].51043: Flags [P.], seq 523:918, ack 416, win 576, length 395
18:31:02.118321 IP [gentoo].51043 > [heating].http: Flags [.], ack 918, win 7308, length 0
18:31:02.136531 IP [heating].http > [gentoo].51043: Flags [F.], seq 918, ack 416, win 576, length 0
18:31:02.136808 IP [gentoo].51043 > [heating].http: Flags [F.], seq 416, ack 919, win 7308, length 0
18:31:02.183434 IP [heating].http > [gentoo].51043: Flags [.], ack 417, win 576, length 0
18:31:03.443624 IP [gentoo].34326 > 195.96.0.4.domain: 27487+ PTR? 3.1.168.192.in-addr.arpa. (42)
18:31:03.448294 IP [gentoo].35055 > 195.96.0.4.domain: 25240+ PTR? 3.1.168.192.in-addr.arpa. (42)
18:31:03.457846 IP 195.96.0.4.domain > [gentoo].34326: 27487 NXDomain 0/1/0 (119)
18:31:03.458016 IP [gentoo].32989 > 195.96.0.4.domain: 37623+ PTR? 158.78.55.87.in-addr.arpa. (43)
18:31:03.462218 IP 195.96.0.4.domain > [gentoo].35055: 25240 NXDomain 0/1/0 (119)
18:31:03.462349 IP [gentoo].60633 > 195.96.0.4.domain: 11408+ PTR? 158.78.55.87.in-addr.arpa. (43)
18:31:03.472658 IP 195.96.0.4.domain > [gentoo].32989: 37623 1/2/2 PTR 0x57374e9e.cpe.ge-0-1-0-1101.nynqu1.customer.tele.dk. (198)
18:31:03.473764 IP [gentoo].56287 > 195.96.0.4.domain: 33195+ PTR? 71.96.3.195.in-addr.arpa. (42)
18:31:03.476843 IP 195.96.0.4.domain > [gentoo].60633: 11408 1/2/2 PTR 0x57374e9e.cpe.ge-0-1-0-1101.nynqu1.customer.tele.dk. (198)
18:31:03.477847 IP [gentoo].54146 > 195.96.0.4.domain: 51116+ PTR? 71.96.3.195.in-addr.arpa. (42)
18:31:03.488807 IP 195.96.0.4.domain > [gentoo].56287: 33195 1/3/2 PTR email-aon.highway.telekom.at. (176)
18:31:03.488933 IP [gentoo].40428 > 195.96.0.4.domain: 12213+ PTR? 12.15.187.204.in-addr.arpa. (44)
18:31:03.492253 IP 195.96.0.4.domain > [gentoo].54146: 51116 1/3/2 PTR email-aon.highway.telekom.at. (176)
18:31:03.492329 IP [gentoo].32919 > 195.96.0.4.domain: 49817+ PTR? 12.15.187.204.in-addr.arpa. (44)
18:31:03.503623 IP 195.96.0.4.domain > [gentoo].40428: 12213 1/3/0 PTR forums.gentoo.org. (138)
18:31:03.506589 IP 195.96.0.4.domain > [gentoo].32919: 49817 1/3/0 PTR forums.gentoo.org. (138)
18:31:03.815108 IP [gentoo].36668 > 204.187.15.12.http: Flags [F.], seq 4175106494, ack 1247201649, win 386, options [nop,nop,TS val 1929543 ecr 2329774939], length 0
18:31:05.444397 IP [gentoo].35835 > 195.96.0.4.domain: 60264+ PTR? 3.1.168.192.in-addr.arpa. (42)
18:31:05.449160 IP [gentoo].54403 > 195.96.0.4.domain: 36989+ PTR? 3.1.168.192.in-addr.arpa. (42)
18:31:05.458256 IP 195.96.0.4.domain > [gentoo].35835: 60264 NXDomain 0/1/0 (119)
18:31:05.458426 IP [gentoo].38084 > 195.96.0.4.domain: 19940+ PTR? 158.78.55.87.in-addr.arpa. (43)
18:31:05.462704 IP 195.96.0.4.domain > [gentoo].54403: 36989 NXDomain 0/1/0 (119)
18:31:05.462789 IP [gentoo].43428 > 195.96.0.4.domain: 32517+ PTR? 158.78.55.87.in-addr.arpa. (43)
18:31:05.472462 IP 195.96.0.4.domain > [gentoo].38084: 19940 1/2/2 PTR 0x57374e9e.cpe.ge-0-1-0-1101.nynqu1.customer.tele.dk. (198)
18:31:05.473475 IP [gentoo].40963 > 195.96.0.4.domain: 44088+ PTR? 71.96.3.195.in-addr.arpa. (42)
18:31:05.478166 IP 195.96.0.4.domain > [gentoo].43428: 32517 1/2/2 PTR 0x57374e9e.cpe.ge-0-1-0-1101.nynqu1.customer.tele.dk. (198)
18:31:05.479091 IP [gentoo].44074 > 195.96.0.4.domain: 64289+ PTR? 71.96.3.195.in-addr.arpa. (42)
18:31:05.487214 IP 195.96.0.4.domain > [gentoo].40963: 44088 1/3/2 PTR email-aon.highway.telekom.at. (176)
18:31:05.487297 IP [gentoo].50115 > 195.96.0.4.domain: 52985+ PTR? 12.15.187.204.in-addr.arpa. (44)
18:31:05.492652 IP 195.96.0.4.domain > [gentoo].44074: 64289 1/3/2 PTR email-aon.highway.telekom.at. (176)
18:31:05.492876 IP [gentoo].33756 > 195.96.0.4.domain: 20592+ PTR? 12.15.187.204.in-addr.arpa. (44)
18:31:05.501782 IP 195.96.0.4.domain > [gentoo].50115: 52985 1/3/0 PTR forums.gentoo.org. (138)
18:31:05.505060 IP [gentoo].54050 > 195.96.0.4.domain: 32790+ PTR? 4.0.96.195.in-addr.arpa. (41)
18:31:05.508119 IP 195.96.0.4.domain > [gentoo].33756: 20592 1/3/0 PTR forums.gentoo.org. (138)
18:31:05.511739 IP [gentoo].34007 > 195.96.0.4.domain: 57694+ PTR? 4.0.96.195.in-addr.arpa. (41)
18:31:05.520277 IP 195.96.0.4.domain > [gentoo].54050: 32790 1/3/3 PTR cdns1.utanet.at. (178)
18:31:05.526297 IP 195.96.0.4.domain > [gentoo].34007: 57694 1/3/3 PTR cdns1.utanet.at. (178)
18:31:06.699101 IP [gentoo].33355 > 195.96.0.4.domain: 26315+ A? msv.dk. (24)
18:31:06.712082 IP 195.96.0.4.domain > [gentoo].33355: 26315 1/5/4 A 87.55.78.158 (228)
18:31:06.712366 IP [gentoo].47523 > 87.55.78.158.http: Flags [S], seq 1463422105, win 5520, options [mss 1380,sackOK,TS val 1932440 ecr 0,nop,wscale 7], length 0
18:31:06.799998 IP 87.55.78.158.http > [gentoo].47523: Flags [S.], seq 2234507994, ack 1463422106, win 64240, options [mss 1460,nop,wscale 0,nop,nop,TS val 0 ecr 0,nop,nop,sackOK], length 0
18:31:06.800040 IP [gentoo].47523 > 87.55.78.158.http: Flags [.], ack 1, win 44, options [nop,nop,TS val 1932528 ecr 0], length 0
18:31:06.800111 IP [gentoo].47523 > 87.55.78.158.http: Flags [P.], seq 1:115, ack 1, win 44, options [nop,nop,TS val 1932528 ecr 0], length 114
18:31:06.966848 IP 87.55.78.158.http > [gentoo].47523: Flags [.], seq 1:1369, ack 115, win 64126, options [nop,nop,TS val 22055299 ecr 1932528], length 1368
18:31:06.966888 IP [gentoo].47523 > 87.55.78.158.http: Flags [.], ack 1369, win 65, options [nop,nop,TS val 1932694 ecr 22055299], length 0
18:31:06.968241 IP 87.55.78.158.http > [gentoo].47523: Flags [P.], seq 1369:1760, ack 115, win 64126, options [nop,nop,TS val 22055299 ecr 1932528], length 391
18:31:06.968250 IP [gentoo].47523 > 87.55.78.158.http: Flags [.], ack 1760, win 86, options [nop,nop,TS val 1932696 ecr 22055299], length 0
18:31:06.968606 IP [gentoo].47523 > 87.55.78.158.http: Flags [F.], seq 115, ack 1760, win 86, options [nop,nop,TS val 1932696 ecr 22055299], length 0
18:31:07.056532 IP 87.55.78.158.http > [gentoo].47523: Flags [.], ack 116, win 64126, options [nop,nop,TS val 22055300 ecr 1932696], length 0
18:31:07.056638 IP 87.55.78.158.http > [gentoo].47523: Flags [F.], seq 1760, ack 116, win 64126, options [nop,nop,TS val 22055300 ecr 1932696], length 0
18:31:07.056660 IP [gentoo].47523 > 87.55.78.158.http: Flags [.], ack 1761, win 86, options [nop,nop,TS val 1932784 ecr 22055300], length 0
18:31:07.442804 IP [gentoo].51409 > 195.96.0.4.domain: 48522+ PTR? 3.1.168.192.in-addr.arpa. (42)
18:31:07.448324 IP [gentoo].34975 > 195.96.0.4.domain: 44986+ PTR? 3.1.168.192.in-addr.arpa. (42)
18:31:07.457689 IP 195.96.0.4.domain > [gentoo].51409: 48522 NXDomain 0/1/0 (119)
18:31:07.457835 IP [gentoo].43159 > 195.96.0.4.domain: 10518+ PTR? 158.78.55.87.in-addr.arpa. (43)
18:31:07.462471 IP 195.96.0.4.domain > [gentoo].34975: 44986 NXDomain 0/1/0 (119)
18:31:07.462545 IP [gentoo].58669 > 195.96.0.4.domain: 58141+ PTR? 158.78.55.87.in-addr.arpa. (43)
18:31:07.472304 IP 195.96.0.4.domain > [gentoo].43159: 10518 1/2/2 PTR 0x57374e9e.cpe.ge-0-1-0-1101.nynqu1.customer.tele.dk. (198)
18:31:07.473289 IP [gentoo].49688 > 195.96.0.4.domain: 61496+ PTR? 71.96.3.195.in-addr.arpa. (42)
18:31:07.477042 IP 195.96.0.4.domain > [gentoo].58669: 58141 1/2/2 PTR 0x57374e9e.cpe.ge-0-1-0-1101.nynqu1.customer.tele.dk. (198)
18:31:07.478027 IP [gentoo].50046 > 195.96.0.4.domain: 29561+ PTR? 71.96.3.195.in-addr.arpa. (42)
18:31:07.487999 IP 195.96.0.4.domain > [gentoo].49688: 61496 1/3/2 PTR email-aon.highway.telekom.at. (176)
18:31:07.488297 IP [gentoo].43499 > 195.96.0.4.domain: 18593+ PTR? 12.15.187.204.in-addr.arpa. (44)
18:31:07.493019 IP 195.96.0.4.domain > [gentoo].50046: 29561 1/3/2 PTR email-aon.highway.telekom.at. (176)
18:31:07.493309 IP [gentoo].37659 > 195.96.0.4.domain: 65062+ PTR? 12.15.187.204.in-addr.arpa. (44)
18:31:07.502627 IP 195.96.0.4.domain > [gentoo].43499: 18593 1/3/0 PTR forums.gentoo.org. (138)
18:31:07.505918 IP [gentoo].46243 > 195.96.0.4.domain: 28710+ PTR? 4.0.96.195.in-addr.arpa. (41)
18:31:07.507064 IP 195.96.0.4.domain > [gentoo].37659: 65062 1/3/0 PTR forums.gentoo.org. (138)
18:31:07.510370 IP [gentoo].54716 > 195.96.0.4.domain: 52560+ PTR? 4.0.96.195.in-addr.arpa. (41)
18:31:07.521155 IP 195.96.0.4.domain > [gentoo].46243: 28710 1/3/3 PTR cdns1.utanet.at. (178)
18:31:07.524995 IP 195.96.0.4.domain > [gentoo].54716: 52560 1/3/3 PTR cdns1.utanet.at. (178)
18:31:09.442378 IP [gentoo].53739 > 195.96.0.4.domain: 8970+ PTR? 3.1.168.192.in-addr.arpa. (42)
18:31:09.447950 IP [gentoo].53084 > 195.96.0.4.domain: 15589+ PTR? 3.1.168.192.in-addr.arpa. (42)
18:31:09.456189 IP 195.96.0.4.domain > [gentoo].53739: 8970 NXDomain 0/1/0 (119)
18:31:09.456400 IP [gentoo].53976 > 195.96.0.4.domain: 53336+ PTR? 158.78.55.87.in-addr.arpa. (43)
18:31:09.461583 IP 195.96.0.4.domain > [gentoo].53084: 15589 NXDomain 0/1/0 (119)
18:31:09.461746 IP [gentoo].40438 > 195.96.0.4.domain: 14895+ PTR? 158.78.55.87.in-addr.arpa. (43)
18:31:09.471170 IP 195.96.0.4.domain > [gentoo].53976: 53336 1/2/2 PTR 0x57374e9e.cpe.ge-0-1-0-1101.nynqu1.customer.tele.dk. (198)
18:31:09.472242 IP [gentoo].37032 > 195.96.0.4.domain: 34715+ PTR? 71.96.3.195.in-addr.arpa. (42)
18:31:09.476811 IP 195.96.0.4.domain > [gentoo].40438: 14895 1/2/2 PTR 0x57374e9e.cpe.ge-0-1-0-1101.nynqu1.customer.tele.dk. (198)
18:31:09.477786 IP [gentoo].49467 > 195.96.0.4.domain: 45090+ PTR? 71.96.3.195.in-addr.arpa. (42)
18:31:09.486748 IP 195.96.0.4.domain > [gentoo].37032: 34715 1/3/2 PTR email-aon.highway.telekom.at. (176)
18:31:09.486953 IP [gentoo].50531 > 195.96.0.4.domain: 46824+ PTR? 12.15.187.204.in-addr.arpa. (44)
18:31:09.492898 IP 195.96.0.4.domain > [gentoo].49467: 45090 1/3/2 PTR email-aon.highway.telekom.at. (176)
18:31:09.493049 IP [gentoo].55419 > 195.96.0.4.domain: 36227+ PTR? 12.15.187.204.in-addr.arpa. (44)
18:31:09.501067 IP 195.96.0.4.domain > [gentoo].50531: 46824 1/3/0 PTR forums.gentoo.org. (138)
18:31:09.504313 IP [gentoo].34420 > 195.96.0.4.domain: 4982+ PTR? 4.0.96.195.in-addr.arpa. (41)
18:31:09.507254 IP 195.96.0.4.domain > [gentoo].55419: 36227 1/3/0 PTR forums.gentoo.org. (138)
18:31:09.512417 IP [gentoo].48461 > 195.96.0.4.domain: 27994+ PTR? 4.0.96.195.in-addr.arpa. (41)
18:31:09.519278 IP 195.96.0.4.domain > [gentoo].34420: 4982 1/3/3 PTR cdns1.utanet.at. (178)
18:31:09.527484 IP 195.96.0.4.domain > [gentoo].48461: 27994 1/3/3 PTR cdns1.utanet.at. (178)
18:31:09.725046 IP [gentoo].51045 > [heating].http: Flags [S], seq 1522129830, win 5520, options [mss 1380,sackOK,TS val 1935452 ecr 0,nop,wscale 7], length 0
18:31:09.769776 IP [heating].http > [gentoo].51045: Flags [S.], seq 2297014131, ack 1522129831, win 576, options [mss 576], length 0
18:31:09.769823 IP [gentoo].51045 > [heating].http: Flags [.], ack 1, win 5520, length 0
18:31:09.769890 IP [gentoo].51045 > [heating].http: Flags [.], seq 1:289, ack 1, win 5520, length 288
18:31:09.769900 IP [gentoo].51045 > [heating].http: Flags [P.], seq 289:468, ack 1, win 5520, length 179
18:31:09.826884 IP [heating].http > [gentoo].51045: Flags [.], ack 289, win 576, length 0
18:31:09.910927 IP [heating].http > [gentoo].51045: Flags [P.], seq 1:523, ack 289, win 576, length 522
18:31:09.910977 IP [gentoo].51045 > [heating].http: Flags [.], ack 523, win 6264, length 0
18:31:09.916047 IP [heating].http > [gentoo].51045: Flags [.], ack 468, win 576, length 0
18:31:09.957045 IP [heating].http > [gentoo].51045: Flags [P.], seq 523:1014, ack 468, win 576, length 491
18:31:09.957078 IP [gentoo].51045 > [heating].http: Flags [.], ack 1014, win 7308, length 0
18:31:09.962100 IP [heating].http > [gentoo].51045: Flags [F.], seq 1014, ack 468, win 576, length 0
18:31:09.962235 IP [gentoo].51045 > [heating].http: Flags [F.], seq 468, ack 1015, win 7308, length 0
18:31:10.008274 IP [heating].http > [gentoo].51045: Flags [.], ack 469, win 576, length 0
18:31:11.443810 IP [gentoo].34576 > 195.96.0.4.domain: 60529+ PTR? 3.1.168.192.in-addr.arpa. (42)
18:31:11.448810 IP [gentoo].52811 > 195.96.0.4.domain: 8978+ PTR? 3.1.168.192.in-addr.arpa. (42)
18:31:11.458372 IP 195.96.0.4.domain > [gentoo].34576: 60529 NXDomain 0/1/0 (119)
18:31:11.458483 IP [gentoo].35831 > 195.96.0.4.domain: 8094+ PTR? 158.78.55.87.in-addr.arpa. (43)
18:31:11.462288 IP 195.96.0.4.domain > [gentoo].52811: 8978 NXDomain 0/1/0 (119)
18:31:11.462350 IP [gentoo].56246 > 195.96.0.4.domain: 32179+ PTR? 158.78.55.87.in-addr.arpa. (43)
18:31:11.472710 IP 195.96.0.4.domain > [gentoo].35831: 8094 1/2/2 PTR 0x57374e9e.cpe.ge-0-1-0-1101.nynqu1.customer.tele.dk. (198)
18:31:11.473733 IP [gentoo].53135 > 195.96.0.4.domain: 44705+ PTR? 71.96.3.195.in-addr.arpa. (42)
18:31:11.479079 IP 195.96.0.4.domain > [gentoo].56246: 32179 1/2/2 PTR 0x57374e9e.cpe.ge-0-1-0-1101.nynqu1.customer.tele.dk. (198)
18:31:11.480048 IP [gentoo].59485 > 195.96.0.4.domain: 19505+ PTR? 71.96.3.195.in-addr.arpa. (42)
18:31:11.489263 IP 195.96.0.4.domain > [gentoo].53135: 44705 1/3/2 PTR email-aon.highway.telekom.at. (176)
18:31:11.489358 IP [gentoo].45412 > 195.96.0.4.domain: 58737+ PTR? 12.15.187.204.in-addr.arpa. (44)
18:31:11.493763 IP 195.96.0.4.domain > [gentoo].59485: 19505 1/3/2 PTR email-aon.highway.telekom.at. (176)
18:31:11.494005 IP [gentoo].41370 > 195.96.0.4.domain: 53827+ PTR? 12.15.187.204.in-addr.arpa. (44)
18:31:11.503870 IP 195.96.0.4.domain > [gentoo].45412: 58737 1/3/0 PTR forums.gentoo.org. (138)
18:31:11.507422 IP [gentoo].56998 > 195.96.0.4.domain: 35226+ PTR? 4.0.96.195.in-addr.arpa. (41)
18:31:11.508786 IP 195.96.0.4.domain > [gentoo].41370: 53827 1/3/0 PTR forums.gentoo.org. (138)
18:31:11.511932 IP [gentoo].50503 > 195.96.0.4.domain: 55156+ PTR? 4.0.96.195.in-addr.arpa. (41)
18:31:11.521594 IP 195.96.0.4.domain > [gentoo].56998: 35226 1/3/3 PTR cdns1.utanet.at. (178)
18:31:11.526645 IP 195.96.0.4.domain > [gentoo].50503: 55156 1/3/3 PTR cdns1.utanet.at. (178)
18:31:11.581810 IP [gentoo].51046 > [heating].http: Flags [S], seq 1546371202, win 5520, options [mss 1380,sackOK,TS val 1937309 ecr 0,nop,wscale 7], length 0
18:31:11.628857 IP [heating].http > [gentoo].51046: Flags [S.], seq 2297015146, ack 1546371203, win 576, options [mss 576], length 0
18:31:11.628898 IP [gentoo].51046 > [heating].http: Flags [.], ack 1, win 5520, length 0
18:31:11.628959 IP [gentoo].51046 > [heating].http: Flags [.], seq 1:289, ack 1, win 5520, length 288
18:31:11.628968 IP [gentoo].51046 > [heating].http: Flags [P.], seq 289:478, ack 1, win 5520, length 189
18:31:11.684546 IP [heating].http > [gentoo].51046: Flags [.], ack 289, win 576, length 0
18:31:11.782473 IP [heating].http > [gentoo].51046: Flags [P.], seq 1:495, ack 289, win 576, length 494
18:31:11.782503 IP [gentoo].51046 > [heating].http: Flags [.], ack 495, win 6422, length 0
18:31:11.787241 IP [heating].http > [gentoo].51046: Flags [.], ack 478, win 576, length 0
18:31:11.793848 IP [heating].http > [gentoo].51046: Flags [F.], seq 495, ack 478, win 576, length 0
18:31:11.794001 IP [gentoo].51046 > [heating].http: Flags [F.], seq 478, ack 496, win 6422, length 0
18:31:11.841563 IP [heating].http > [gentoo].51046: Flags [.], ack 479, win 576, length 0
18:31:13.442607 IP [gentoo].36351 > 195.96.0.4.domain: 14127+ PTR? 3.1.168.192.in-addr.arpa. (42)
18:31:13.448625 IP [gentoo].44477 > 195.96.0.4.domain: 25898+ PTR? 3.1.168.192.in-addr.arpa. (42)
18:31:13.456192 IP 195.96.0.4.domain > [gentoo].36351: 14127 NXDomain 0/1/0 (119)
18:31:13.456341 IP [gentoo].37472 > 195.96.0.4.domain: 39641+ PTR? 158.78.55.87.in-addr.arpa. (43)
18:31:13.463117 IP 195.96.0.4.domain > [gentoo].44477: 25898 NXDomain 0/1/0 (119)
18:31:13.463196 IP [gentoo].35745 > 195.96.0.4.domain: 4293+ PTR? 158.78.55.87.in-addr.arpa. (43)
18:31:13.471388 IP 195.96.0.4.domain > [gentoo].37472: 39641 1/2/2 PTR 0x57374e9e.cpe.ge-0-1-0-1101.nynqu1.customer.tele.dk. (198)
18:31:13.472394 IP [gentoo].52365 > 195.96.0.4.domain: 1606+ PTR? 71.96.3.195.in-addr.arpa. (42)
18:31:13.477904 IP 195.96.0.4.domain > [gentoo].35745: 4293 1/2/2 PTR 0x57374e9e.cpe.ge-0-1-0-1101.nynqu1.customer.tele.dk. (198)
18:31:13.478902 IP [gentoo].50464 > 195.96.0.4.domain: 31913+ PTR? 71.96.3.195.in-addr.arpa. (42)
18:31:13.491585 IP 195.96.0.4.domain > [gentoo].52365: 1606 1/3/2 PTR email-aon.highway.telekom.at. (176)
18:31:13.491864 IP [gentoo].34279 > 195.96.0.4.domain: 22361+ PTR? 12.15.187.204.in-addr.arpa. (44)
18:31:13.493735 IP 195.96.0.4.domain > [gentoo].50464: 31913 1/3/2 PTR email-aon.highway.telekom.at. (176)
18:31:13.493864 IP [gentoo].42085 > 195.96.0.4.domain: 16839+ PTR? 12.15.187.204.in-addr.arpa. (44)
18:31:13.506205 IP 195.96.0.4.domain > [gentoo].34279: 22361 1/3/0 PTR forums.gentoo.org. (138)
18:31:13.510124 IP 195.96.0.4.domain > [gentoo].42085: 16839 1/3/0 PTR forums.gentoo.org. (138)
|
During this output I connected to the [heating] from my [gentoo] machine with firefox running. I received the login screen and logged in. I got the first menu level and clicked to one sub level and got the response that there is already a user logged in (which means that it does not accept the cookie).
Unfortunately there is also the traffic of my gentoo-forum session....
The requested cookie was "LHOJ"
I masked the IPs ba [heating] and [gentoo].
Peter _________________ [1]... AMD Phenon X4-9950 on asus M3N78-EM with 4 GB of RAM - gentoo 10.1 - kernel 2.6.32 - kde 4.3.4
[2]... AMD Athlon XP 2500+ mobile on ASUS A7N8X with 512 kB RAM and 2xTT S-2300 - vdr-1.6.0 based on gentoo-2008.0 |
|
Back to top |
|
|
madchaz l33t
Joined: 01 Jul 2003 Posts: 993 Location: Quebec, Canada
|
Posted: Tue Jul 06, 2010 7:13 pm Post subject: |
|
|
Linux (or gentoo) directly as nothing to do with cookie handling. That's your browser's job. The OS doesn't care about it.
Did you try to flush all cookies then try again? Made sure you properly loged out on the other machine?
Stupid questions, but who knows. _________________ Someone asked me once if I suffered from mental illness. I told him I enjoyed every second of it.
www.madchaz.com A small candle of a website. As my lab specs on it. |
|
Back to top |
|
|
Mad Merlin Veteran
Joined: 09 May 2005 Posts: 1155
|
Posted: Tue Jul 06, 2010 11:21 pm Post subject: |
|
|
stegerpl wrote: | @aC0Swt & Mad Merlin: is there a (simple) way to check the request header for the correct cookie ? Is it possible that there is an option somewhere within gentoo-linux which makes trouble with this request header (e.g. changing upper/lowe case) ?
Peter |
Use the Net tab in Firebug (a Firefox extension), it'll show you all the request and response headers. _________________ Game! - Where the stick is mightier than the sword! |
|
Back to top |
|
|
cach0rr0 Bodhisattva
Joined: 13 Nov 2008 Posts: 4123 Location: Houston, Republic of Texas
|
Posted: Wed Jul 07, 2010 12:02 am Post subject: |
|
|
with tcpdump it would be more useful if you saved the output to a file, and opened said file up with something like wireshark
e.g.
Code: |
tcpdump -s 0 -w gentoocookie.cap
|
(reproduce the issue, then CTRL+C)
You may even be able to send those guys your packet capture and have them tell you exactly what is broken.
If you posted the capture for us it would reveal too much information of course. But viewing the raw header content in something like Wireshark will show much more information.
You can compare the view in wireshark (easiest: right-click on the request, 'Follow TCP stream') on the gentoo box to that taken from a Windows box. Or, again, maybe your vendor will look at your packet capture and tell you what is wrong _________________ Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash |
|
Back to top |
|
|
stegerpl Apprentice
Joined: 25 Jun 2005 Posts: 185 Location: 48°19'30"N 14°20'18"E
|
Posted: Wed Jul 07, 2010 4:16 pm Post subject: |
|
|
Hi,
madchaz wrote: | Linux (or gentoo) directly as nothing to do with cookie handling. That's your browser's job. The OS doesn't care about it. |
That was also my opinion until I tried to connect with IE from windoof within vmware... I also expected that switching to another browser (opera, konqueror) should help - but nothing. In fact there has to be something wrong within the web-interface of the heating and (gentoo)Linux seems to be more sensistive - but what could this be?
Quote: | Did you try to flush all cookies then try again? Made sure you properly loged out on the other machine?. | Yes & Yes
@MadMerlin: Firebug... I will check... Thanks for the info
@cach0rr0: Wireshark... I will check... Thanks for the info
Peter _________________ [1]... AMD Phenon X4-9950 on asus M3N78-EM with 4 GB of RAM - gentoo 10.1 - kernel 2.6.32 - kde 4.3.4
[2]... AMD Athlon XP 2500+ mobile on ASUS A7N8X with 512 kB RAM and 2xTT S-2300 - vdr-1.6.0 based on gentoo-2008.0 |
|
Back to top |
|
|
stegerpl Apprentice
Joined: 25 Jun 2005 Posts: 185 Location: 48°19'30"N 14°20'18"E
|
Posted: Wed Jul 07, 2010 6:16 pm Post subject: |
|
|
Hi,
with wireshar I found the following discrepancy in the tcp-traffic:
heating => PC: Set-Cookie: TAID="KTQE";\r\n
PC => heating: Cookie: TAID="KTQE"\r\n
The difference is the semicolon - however I do no know if it realy gives an effect - anybody knows more?
Peter _________________ [1]... AMD Phenon X4-9950 on asus M3N78-EM with 4 GB of RAM - gentoo 10.1 - kernel 2.6.32 - kde 4.3.4
[2]... AMD Athlon XP 2500+ mobile on ASUS A7N8X with 512 kB RAM and 2xTT S-2300 - vdr-1.6.0 based on gentoo-2008.0 |
|
Back to top |
|
|
szmytson n00b
Joined: 29 Apr 2009 Posts: 20 Location: UK
|
Posted: Thu Jul 08, 2010 4:10 pm Post subject: |
|
|
Generally, madchaz is right - it most probably is not OS related.
1. Try using different browser on your Windows box (FF, Opera)
2. If you want to digg in further install tcpdump on the Windows box, dump the web traffic to a file and compare it with the one from Linux |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|