Internet Related/Filtering/Firewall Thread, Smoothwall and some sites not rendering correctly in Technical; On our smoothwall we gets sites that just don't render correctly - as if their css file was missing. When ...
9th June 2011, 09:12 AM #1
Smoothwall and some sites not rendering correctly
On our smoothwall we gets sites that just don't render correctly - as if their css file was missing. When this happens checking the web log shows nothing being blocked and the site isn't specifically mentioned in our rules
In fact, the live web log view shows 'ok' for the url as the user views it - except the site is rendered messily (i.e menus don't work, image aligned incorrectly etc)
If I put a top level allow rule for this site it generally works, but why? How can I tell what is being blocked by the smoothwall box when nothing is showing in the logs?
I've also noticed that some sites webcam streams fail in the same way - the webcam times out but nothing is showing as being blocked?
Last edited by Sheridan; 9th June 2011 at 09:16 AM.
9th June 2011, 10:44 AM #2
- Rep Power
I had a similar issue with sites not loading properly which was very frustrating for my ICT department when they were teaching about web design! I found that it was a content security policy that was restricting it... I would remove all content security on a test login and slowly re-instate each security category of that polciy until you find the offending one... I just cheated and switched off most of it and i haven't had any issues...
Very frustrating that the logs don't show the site being blocked by that policy...
Hope it helps...
Thanks to andyfield from:
9th June 2011, 11:34 AM #3
I'll check that out - I've got the default set of security rules enabled.
Problem with the webcam seems to be its bypassing Smoothwall (ie. using a seperate protocol), but I can see any failed access on the firewall.
Edit: Its an odd one this. It seems like the webcam uses Adobe Flash (which I believe is RTMP on port 1935), now I have a rule on our ISA box to allow RMTP out directly but it doesn't appear to be blocked by smoothwall, nor hitting the isa box. I can't tell what IE is trying to do with the stream?
Last edited by Sheridan; 9th June 2011 at 12:00 PM.
9th June 2011, 12:37 PM #4
As for webcams.. could be RTSP.. or RTMP 554 and 1492 i think
9th June 2011, 12:59 PM #5
It seems it was the security rules that caused the 'mangling' - the CSS cross scripting rule seems to be the culprit.
As for the webcams, I can't see anything hitting the firewall that is RTMP (1935) or RSTP (554) at all, very odd. Channel4 OD uses RTMP and that works fine.
9th June 2011, 02:04 PM #6
I've had to admit defeat on this webcam problem. The webcam stream is an Adobe Flash Player one. The smoothwall box isn't blocking anything that I can and nothing is hitting the firewall when the client is trying to connect. The smoothwall box shows lots of traffic to the webcam site but nothing being denied whereas the firewall shows nothing so I'm guessing its using port 80/443.
9th June 2011, 03:04 PM #7
Any way we could replicate this webcam nonsense in-house?
Have you had good old wireshark at it?
PS. Bad Sheridan! Defeat is not an option!
9th June 2011, 03:59 PM #8
Sheridan is tired!
I ran Wireshark and it simply shows a lot of access to the smoothwall proxy - and nothing else to an external ip as far as I can see.
9th June 2011, 05:34 PM #9
Maybe we'll let you off, you were only conceding defeat in front of your fellow 'geek - so no harm done to the collective rep
Email me the packet dump if you like, see if I can make any sense of it.
10th June 2011, 10:40 AM #10
I tried the site in question at home and the webcams do work fine, using the Media Player extension plugin. I'll get Wireshark back onto the case again!
12th June 2011, 10:13 PM #11
Have you tried a different browser?
Thought I had a similar one recently.. nothing getting logged in smoothwall anywhere. Turns out it was a bug in IE (or a recent IE update) that broke rendering on some websites
13th June 2011, 11:09 AM #12
It does the same thing in firefox as well - the webcam plugin just sits there saying 'loading'. Externally I've tested with IE, firefox and seamonkey and they all work OK.
All I can see in wireshark is access to the smoothwall box as a proxy.
Actually, since we installed the smoothwall box google maps has never worked either. We always get the 'Still loading' message whatever browser we use - even when maps.google.com is given a top level 'Allow'
I've now tried on a seperate smoothwall box - which has no Deny rules at all. Same result. Nothing logged either.
Last edited by Sheridan; 13th June 2011 at 12:10 PM.
13th June 2011, 04:14 PM #13
Sheridan, I think you were on the right track earlier in-thread when you mentioned content modification rules.
14th June 2011, 09:36 AM #14
I've attached the log from when I try to hit the site with the webcam that is failing.
Nothing in the log that I can see seems to suggest anything being blocked?
By dhicks in forum Internet Related/Filtering/Firewall
Last Post: 28th November 2009, 04:11 PM
By adhutton in forum Internet Related/Filtering/Firewall
Last Post: 2nd October 2009, 09:56 AM
By mmoseley in forum Internet Related/Filtering/Firewall
Last Post: 27th March 2009, 10:25 AM
By ssiruuk2 in forum *nix
Last Post: 2nd January 2009, 02:05 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)