Also, Something that has tripped me up in the past when telneting to port 80 is transparent proxies.
But using http 1.1 and not just typing GET, will work. Good luck, Greg. On Tue, 4 May 2004 10:09 am, Robert Collins wrote: > On Tue, 2004-05-04 at 09:30, Peter Rundle wrote: > > Sluggers, > > > > I'm hoping that someone can shed some light on this problem, otherwise I > > must be going mad. > > > > I have two linux boxen, one of which is an internet gateway masquerading > > for the other using iptables. When I try to access a web site using > > Mozilla from the masqueraded box it fails miserably waiting forever for > > the reply packets. However, if I telnet to port 80 of the site I get an > > immediate response. I can also ssh out to other servers on the net no > > problems. Now before you jump to any conclusions, the advanced proxy > > settings in Mozilla are set to direct connection to the internet. > > > > Now things get really weird. If I run squid on the gateway and use an > > iptables redirect of 80 to 3128 (Rob's comments about transparent > > proxying not withstanding) then Mozilla is happy as Larry. ??? > > Ok, here's a checklist to run on the machine running mozilla (with the > interception rule in iptables disabled) > 1) dig/host/ping bad-wed-address > we are just looking for correct name resolution - we don't need to > actually ping. > 2) telnet <address> 80 > type in between the ==='s (case unfortunately matters on some > servers): > === > GET / HTTP/1.1 > Host: <the-host> > > ==== > > If this gives you the web page, then mozilla is whacked. Chances are > though that something will break. > > If everything is fine until the second CR, then you probably have a MTU > issue. See man iptables and put a MSS clamp rule in as they describe. > > Rob -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
