2019-09-07 - Re: Non HTTPS sites are not working

Header Data

From: SK NZ <sa***m@gmail.com>
Message Hash: e32d32d6b89f33e82fcd05e2e093c9fbe4ce92f572525fbaf03980d3ca2d46a7
Message ID: <f2746233-d9f8-4e68-a05f-189733dff8de@grasehotspot.org>
Reply To: <21875492-7c0a-4785-a8ab-f04b26a4ddda@grasehotspot.org>
UTC Datetime: 2019-09-07 07:45:13 UTC
Raw Date: Sat, 07 Sep 2019 07:45:13 -0700

Raw message

Hello,
I replaced *AP* with *Computer* for testing. So now Grase Hotspot Server is 
directly wired to a Laptop. I tried to browse HTTP/HTTPS sites in the 
Windows 8 Laptop, HTTPS sites are loading fine, even I can browse IP:5500 
site!  I cannot visit any HTTP site. This is clearly ruled out AP issue.  
One the other hand, I can browse HTTP/HTTPS using LYNX in the Grase Hotspot 
Server.

This could be a SQUID issue?

I've two NIC, *eth0* configured for WAN(to router LAN port) and *eth1* 
configured for Grase Hotspot LAN(AP). 

-P INPUT ACCEPT
> -P FORWARD ACCEPT
> -P OUTPUT ACCEPT
> -A INPUT -i eth1 -j DROP
> -A INPUT -d 10.1.0.1/32 -i tun0 -p icmp -j ACCEPT
> -A INPUT -d 10.1.0.1/32 -i tun0 -p udp -m udp --dport 53 -j ACCEPT
> -A INPUT -d 10.1.0.1/32 -i tun0 -p udp -m udp --dport 67:68 -j ACCEPT
> -A INPUT -d 255.255.255.255/32 -i tun0 -p udp -m udp --dport 67:68 -j 
> ACCEPT
> -A INPUT -d 10.1.0.1/32 -i tun0 -p tcp -m tcp --dport 3128 -j ACCEPT
> -A INPUT -d 10.1.0.1/32 -i tun0 -p tcp -m tcp --dport 3990 -j ACCEPT
> -A INPUT -d 10.1.0.1/32 -i tun0 -p tcp -m tcp --dport 53 -j ACCEPT
> -A INPUT -d 10.1.0.1/32 -i tun0 -p tcp -m tcp --dport 2812 -j ACCEPT
> -A INPUT -d 10.1.0.1/32 -i tun0 -p tcp -m tcp --dport 22 -j ACCEPT
> -A INPUT -d 10.1.0.1/32 -i tun0 -p tcp -m tcp --dport 443 -j ACCEPT
> -A INPUT -d 10.1.0.1/32 -i tun0 -p tcp -m tcp --dport 80 -j ACCEPT
> -A INPUT -d 10.1.0.1/32 -i tun0 -p tcp -m tcp --dport 4990 -j ACCEPT
> -A INPUT -d 10.1.0.1/32 -i tun0 -p tcp -m tcp --dport 3990 -j ACCEPT
> -A INPUT -d 10.1.0.1/32 -i tun0 -j DROP
> -A FORWARD -i tun0 -o eth0 -j ACCEPT
> -A FORWARD -i tun0 ! -o eth0 -j DROP
> -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS 
> --clamp-mss-to-pmtu
> -A FORWARD -o tun0 -j ACCEPT
> -A FORWARD -i tun0 -j ACCEPT
> -A FORWARD -o eth1 -j DROP
> -A FORWARD -i eth1 -j DROP


and ifconfig

eth0      Link encap:Ethernet  HWaddr d8:cb:8a:53:b5:ff
>           inet addr:192.168.0.100  Bcast:192.168.0.255  Mask:255.255.255.0
>           inet6 addr: fe80::dacb:8aff:fe53:b5ff/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:36385 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:21295 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:20320392 (19.3 MiB)  TX bytes:3860264 (3.6 MiB)
> eth1      Link encap:Ethernet  HWaddr 00:e0:4c:53:44:58
>           inet6 addr: fe80::2e0:4cff:fe53:4458/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:31776 errors:58 dropped:16 overruns:17 frame:87
>           TX packets:31316 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:4663037 (4.4 MiB)  TX bytes:20131262 (19.1 MiB)
> lo        Link encap:Local Loopback
>           inet addr:127.0.0.1  Mask:255.0.0.0
>           inet6 addr: ::1/128 Scope:Host
>           UP LOOPBACK RUNNING  MTU:65536  Metric:1
>           RX packets:759 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:759 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:154270 (150.6 KiB)  TX bytes:154270 (150.6 KiB)
> tun0      Link encap:UNSPEC  HWaddr 
> 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
>           inet addr:10.1.0.1  P-t-P:10.1.0.1  Mask:255.255.255.0
>           UP POINTOPOINT RUNNING  MTU:1500  Metric:1
>           RX packets:23123 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:29580 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:100
>           RX bytes:3592912 (3.4 MiB)  TX bytes:19552030 (18.6 MiB)



Support Data : https://paste.grasehotspot.org/view/e56ddd33




On Saturday, September 7, 2019 at 6:23:49 PM UTC+6, christopher wrote:
>
> Hello,
>
> Ack, I am running out of ideas here.  
>
> Go back to the iptable rules and make sure that the ethernet devices match 
> for the http and https.
>
> Also check in the admin panel of grase as administrator that the cards are 
> correct.
>
> Regards,
>
> Christopher.
>
> On Saturday, 7 September 2019 22:21:38 UTC+12, SK NZ wrote:
>>
>> In a freshly installed Grase Hotspot server, I can connect to an AP. I 
>> can browse *https sites*... But *non-https sites* are not loading at 
>> all. I tried from different devices and different browsers. Any 
>> suggestions? 
>>
>> Support data : https://paste.grasehotspot.org/view/e56ddd33
>>
>

Thread

• Return to September 2019

• Return to “christopher <me***e@pc-networking-services.com>”

• Return to “SK NZ <sa***m@gmail.com>”

• 2019-09-07 (Sat, 07 Sep 2019 03:21:38 -0700) - Non HTTPS sites are not working - SK NZ <sa***m@gmail.com>
  • 2019-09-07 (Sat, 07 Sep 2019 03:43:48 -0700) - Re: Non HTTPS sites are not working - christopher <me***e@pc-networking-services.com>
    • 2019-09-07 (Sat, 07 Sep 2019 04:17:23 -0700) - Re: Non HTTPS sites are not working - SK NZ <sa***m@gmail.com>
  • 2019-09-07 (Sat, 07 Sep 2019 04:24:00 -0700) - Re: Non HTTPS sites are not working - christopher <me***e@pc-networking-services.com>
    • 2019-09-07 (Sat, 07 Sep 2019 04:45:28 -0700) - Re: Non HTTPS sites are not working - SK NZ <sa***m@gmail.com>
  • 2019-09-07 (Sat, 07 Sep 2019 04:51:25 -0700) - Re: Non HTTPS sites are not working - christopher <me***e@pc-networking-services.com>
    • 2019-09-07 (Sat, 07 Sep 2019 05:18:46 -0700) - Re: Non HTTPS sites are not working - SK NZ <sa***m@gmail.com>
  • 2019-09-07 (Sat, 07 Sep 2019 05:23:49 -0700) - Re: Non HTTPS sites are not working - christopher <me***e@pc-networking-services.com>
    • 2019-09-07 (Sat, 07 Sep 2019 07:45:13 -0700) - Re: Non HTTPS sites are not working - SK NZ <sa***m@gmail.com>
      • 2019-09-07 (Sat, 07 Sep 2019 08:40:01 -0700) - Re: Non HTTPS sites are not working - christopher <me***e@pc-networking-services.com>
        • 2019-09-07 (Sat, 07 Sep 2019 08:55:27 -0700) - Re: Non HTTPS sites are not working - SK NZ <sa***m@gmail.com>
          • 2019-09-07 (Sat, 07 Sep 2019 11:30:56 -0700) - Re: Non HTTPS sites are not working - SK NZ <sa***m@gmail.com>
            • 2019-09-07 (Sat, 07 Sep 2019 21:40:14 -0700) - Re: Non HTTPS sites are not working - christopher <me***e@pc-networking-services.com>
              • 2019-09-07 (Sat, 07 Sep 2019 21:58:50 -0700) - Re: Non HTTPS sites are not working - SK NZ <sa***m@gmail.com>
            • 2019-09-07 (Sat, 07 Sep 2019 21:58:36 -0700) - Re: Non HTTPS sites are not working - christopher <me***e@pc-networking-services.com>
              • 2019-09-07 (Sat, 07 Sep 2019 22:16:58 -0700) - Re: Non HTTPS sites are not working - SK NZ <sa***m@gmail.com>