Package: firestarter Version: 1.0.3-8 Severity: normal I've had problems browsing some web pages that use https protocol. The browser tries to load the page but eventually there is a time out or some simple parts of the screen are shown but it's basically unusable. This issue happens irrespective of the browser (tested iceweasel, chrome and epiphany).
After investigation it seems that firestarted is blocking the ACK SYN package from the site not loading properly. E.g. I can't load https://discussions.apple.com but I get a lot of this on syslog May 6 22:09:22 localhost kernel: [ 1275.643408] Inbound IN=eth1 OUT= MAC=00:24:8c:b1:0f:90:00:02:cf:54:e2:ef:08:00 SRC=2.20.1.54 DST=192.168.100.6 LEN=44 TOS=0x00 PREC=0x00 TTL=60 ID=0 DF PROTO=TCP SPT=443 DPT=39816 WINDOW=14600 RES=0x00 ACK SYN URGP=0 There are other sites that have this issue. However, there are also https sites that I can load properly such as https://www.nebula.fi/ I believe firestarter should recognize this is the connections I asked for and let these packages pass. Not sure why it's blocking them. -- System Information: Debian Release: 6.0.4 APT prefers stable APT policy: (990, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-0.bpo.1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages firestarter depends on: ii gconf2 2.28.1-6 GNOME configuration database syste ii gksu 2.0.2-5 graphical frontend to su ii iptables 1.4.8-3 administration tools for packet fi ii libart-2.0-2 2.3.21-1 Library of functions for 2D graphi ii libatk1.0-0 1.30.0-1 The ATK accessibility toolkit ii libbonobo2-0 2.24.3-1 Bonobo CORBA interfaces library ii libbonoboui2-0 2.24.3-1 The Bonobo UI library ii libc6 2.11.3-2 Embedded GNU C Library: Shared lib ii libcairo2 1.10.2-7~bpo60+1 The Cairo 2D vector graphics libra ii libfontconfig1 2.8.0-2.1 generic font configuration library ii libfreetype6 2.4.2-2.1+squeeze4 FreeType 2 font engine, shared lib ii libgconf2-4 2.28.1-6 GNOME configuration database syste ii libglade2-0 1:2.6.4-1 library to load .glade files at ru ii libglib2.0-0 2.24.2-1 The GLib library of C routines ii libgnome2-0 2.30.0-1 The GNOME library - runtime files ii libgnomecanvas2-0 2.30.1-1 A powerful object-oriented display ii libgnomeui-0 2.24.3-1 The GNOME libraries (User Interfac ii libgnomevfs2-0 1:2.24.3-1 GNOME Virtual File System (runtime ii libgtk2.0-0 2.20.1-2 The GTK+ graphical user interface ii libice6 2:1.0.6-2 X11 Inter-Client Exchange library ii liborbit2 1:2.14.18-0.1 libraries for ORBit2 - a CORBA ORB ii libpango1.0-0 1.28.3-1+squeeze2 Layout and rendering of internatio ii libpopt0 1.16-1 lib for parsing cmdline parameters ii libsm6 2:1.1.1-1 X11 Session Management library ii libx11-6 2:1.3.3-4 X11 client-side library ii libxml2 2.7.8.dfsg-2+squeeze3 GNOME XML library ii lsb-base 3.2-23.2squeeze1 Linux Standard Base 3.2 init scrip ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime firestarter recommends no packages. Versions of packages firestarter suggests: pn dhcp3-server <none> (no description available) -- no debconf information -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
