| ECS Home Automation and Security Archives |
| Subject: From: Date: | RE: [ecsl] DirecWay IP issue Mark Gilmore Wed, 12 Mar 2003 06:04:07 -0800 |
Hi Martin,
That is what I was testing previously via those specially-created
"Parameter:...Port" Objects.
This was to force my JAVA to use ports 87 & 87 (with HTTP using 89).
I just downloaded your home.htm via my web-page download program (all C,
written by me).
The resulting HTTP log entries (in YOUR log) listed IPs which were
consistent with
others we have seen from I.E. requests.
So I can only suspect one of 2 things:
1) JAVA connects are somehow "different" from others.
2) DirecWay is literally inspecting the traffic, detecting a
non-HTTP connection,
and "re-directing" to another IP (via a close/re-open??).
I'm researching the JAVA socket stuff.
Also redirecting this thread to ecs@netbloc.com.
You should get TWO messages (one to the list and a CC to you).
At 09:41 PM 3/11/2003 -0800, you wrote:
>Well, you are communicating your question, but I (like you) just refuse to
>acknowledge the psychic powers that DirecWay is exhibiting, so I figure it
>must be something else!
>
>The packets going to the network from your PC have the IP target address
>and the port number. right? So DirecWay could choose to have have some
>ports handled by one proxy, and other ports handled by another - so the
>host site (e.g. me)would see two different IP addresses. We could test
>that by switching the web port to 87 and the stream port to 89. Might also
>be something to do with cutting down the satellite round-trip latency - it
>is almost a second for a round trip otherwise.
>
>Sound plausibe? It feels like a bit of a thin explanation to me!
>
>BTW, with the reloads I may have lost the passwords so please have another
>crack and let me know if you can at least log in.
>
>
>
>
>
>-----Original Message-----
>From: Mark Gilmore [mailto:mark@markgilmore.net]
>Sent: Tuesday, March 11, 2003 8:41 PM
>To: ecsl@netbloc.com
>Cc: michaeldavid@brightlinemedia.com
>Subject: RE: [ecsl] DirecWay IP issue
>
>
>Hi Martin,
>I can change the design to handle it if I must, but I will probably do
>without,
>as it only effects MY ability to see remote sites and I don't want to
>"corrupt"
>the design just for me.
>
>I don't think I'm communicating regarding my question :-):
>Regardless of what tricks DirecWay does with whatever,
>my point is that it assigns a single IP to consecutive browser connections,
>and it assigns another single IP to my 2 JAVA connections.
>So DirecWay is somehow distinguishing btw the two types of connections.
>The only way it could detect a connection used for HTTP requests is to
>inspect the commands sent to/from the socket. And it could only do this
>AFTER the connection is established (too late to change it).
>That's what's driving me nuts. HOW does it know ???
>
>At 07:16 PM 3/11/2003 -0800, you wrote:
>
> >I think that it doesn't care, but something else is going on. Do you know
> >what IP address you appear to the outside world as right now?
> >
> >And here's a hint:
> >
> >"It has been the experience of DirecWay users that when they are NOT using
> >the proxy AND they have a public IP address ending in a single digit, they
> >are "nated" or are sharing the address with many other users. If that
> >address when not using the proxy ends in some other multi digit octet,
> >they are "un-nated" and have a unique IP. During these times you will see
> >many hits on your firewall as your computer is completely exposed to the
> >Internet, and all the port scanning traffic."
> >
> >
> >I suppose the proxy server could be routing HTTP through one address, and
> >everything else through another. Anything easy in settings to make ECS
> >work with split addresses?
> >
> >
> >
> >-----Original Message-----
> >From: Mark Gilmore [mailto:mark@markgilmore.net]
> >Sent: Tuesday, March 11, 2003 6:28 PM
> >To: ecsl@netbloc.com
> >Subject: RE: [ecsl] DirecWay IP issue
> >
> >
> >Hi Martin,
> >A IPCONFIG/ALL lists:
> > Windows IP Configuration
> > Ethernet adapter Local Area Connection:
> > Connection-specific DNS Suffix . :
> > IP Address. . . . . . . . . . . . : 192.168.1.2
> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > Default Gateway . . . . . . . . . :
> > Ethernet adapter DIRECWAY Satellite Connection:
> > Connection-specific DNS Suffix . : direcway.com
> > IP Address. . . . . . . . . . . . : 10.4.65.111
> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > Default Gateway . . . . . . . . . : 66.82.157.41
> >
> >But I ask again:
> >How does DirecWay distinguish btw an IE browser connection and my JAVA
> >connections ?
> >Is this not the critical question to be resolved ?
> >Thanks,
> >
> >At 05:45 PM 3/11/2003 -0800, you wrote:
> >
> > >The "tracing" is the path that your packets take across the network.
> > >
> > >It could well be a proxy server issue. A proxy server "pretends" to be
> > >you, and issues browser requests under its own signature, which it then
> > >feeds back to you. Still doesn't really explain the duplicate adresses.
> > >
> > >Next step:
> > >
> > >Open a DOS window
> > >ipconfig /all
> > >
> > >send what you see ( a few pages of stuff). Might help us figure out a path
> > >through.
> > >
> > >Then, we'll see what request are you and what are other. What's scary is
> > >that you came to my system with yet another address, 66.82.9.31 -
> > >suggesting really dynamic IP (those of us with cable modem get a new
> > >address a few times a year).
> > >
> > >
> > >
> > >-----Original Message-----
> > >From: Mark Gilmore [mailto:mark@markgilmore.net]
> > >Sent: Tuesday, March 11, 2003 4:37 PM
> > >To: ecsl@netbloc.com
> > >Subject: RE: [ecsl] DirecWay IP issue
> > >
> > >
> > >Hi Martin,
> > >One socket is for a Property-update "stream",
> > >and the other is for commands which require a response from ECS.
> > >Is that what you meant ?
> > >btw, I really don't follow what this tracing implies.
> > >I am still obsessed with determining how DirecWay magically distinguishes
> > >btw IE browser connections and my JAVA connections.
> > >I could easily be missing something, but it seems to me that all else
> > >is academic.
> > >
> > >At 03:44 PM 3/11/2003 -0800, you wrote:
> > >
> > >
> > > >I can trace through to:
> > > >
> > > >
> > > > 17 83 ms 84 ms 87 ms 172.24.20.73
> > > > 18 84 ms 84 ms 84 ms 172.24.24.68
> > > > 19 84 ms 84 ms 83 ms dpc6682009033.direcpc.com [66.82.9.33]
> > > >
> > > >But the other address,
> > > >
> > > >Tracing route to dpc6682208001.direcpc.com [66.82.208.1]
> > > >
> > > > 16 84 ms 83 ms 83 ms unknown.Level3.net [63.215.128.130]
> > > > 17 83 ms 83 ms 83 ms 172.24.20.65
> > > > 18 83 ms 83 ms 84 ms 172.23.6.2
> > > > 19 * * * Request timed out.
> > > > 20 * * * Request timed out.
> > > >
> > > >Times out.
> > > >
> > > >What I don't understand is why you have TWO paths to these addresses.
> > > >
> > > >
> > > >---
> > > >Incoming mail is certified Virus Free.
> > > >Checked by AVG anti-virus system (http://www.grisoft.com).
> > > >Version: 6.0.459 / Virus Database: 258 - Release Date: 2/25/2003
> > >
> > >Mark Gilmore
> > >http://OmnipotenceSoftware.com
> > >
> > >
> > >---
> > >Incoming mail is certified Virus Free.
> > >Checked by AVG anti-virus system (http://www.grisoft.com).
> > >Version: 6.0.459 / Virus Database: 258 - Release Date: 2/25/2003
> >
> >Mark Gilmore
> >http://OmnipotenceSoftware.com
> >
> >
> >---
> >Incoming mail is certified Virus Free.
> >Checked by AVG anti-virus system (http://www.grisoft.com).
> >Version: 6.0.459 / Virus Database: 258 - Release Date: 2/25/2003
>
>Mark Gilmore
>http://OmnipotenceSoftware.com
>
>
>---
>Incoming mail is certified Virus Free.
>Checked by AVG anti-virus system (http://www.grisoft.com).
>Version: 6.0.459 / Virus Database: 258 - Release Date: 2/25/2003
Mark Gilmore
http://OmnipotenceSoftware.com
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.459 / Virus Database: 258 - Release Date: 2/25/2003