[SOLVED] CentOS 6.5 download issues

Issues related to configuring your network
vladguan
Posts: 9
Joined: 2014/09/11 08:11:29

[SOLVED] CentOS 6.5 download issues

Post by vladguan » 2014/09/11 08:31:49

Hi All,
I have an issue with our CentOS 6.5 installation to do with downloading files. Mods please feel free to move this post to another section if it is in the wrong section.

The CentOS 6.5 server is acting as a proxy with Squid installed to isolate our test network from our main network (which is connected to the internet). On our test network, we mainly have Windows machines (2008 R2 and 7 Ent) as well as other CentOS 6.5 and Macs. We have a Sophos server that is licensed to protect Windows, Linux and Mac OS X. The proxy is set up correctly as everyone on the test network can access the internet. The issue is the Sophos fails to download the initial binaries for the Mac OS X subscription. It has no issues with the Windows and Linux subscriptions.

I have been doing lots of testing and have concluded with the following:
1. The issue is with the CentOS 6.5 proxy. However, it is not squid that is preventing the download. The downloads are what are known as Mach-O binaries.
2. I have set up a standard CentOS 6.5 desktop install on our main network (so bypassing proxy) and it also has difficulty downloading these files (via wget and browser).
3. An Ubuntu PC on our main network is able to download these files (via wget and broweser).
4. The only way that I am able to download these files on a CentOS 6.5 server (and on our test network), is via https (using wget and browsers).

The following is the output using wget with http:

Code: Select all

Setting --verbose (verbose) to 1
DEBUG output created by Wget 1.12 on linux-gnu.

--2014-08-21 12:22:21--  http://d1.sophosupd.com/update/639f8414c87cfb8f1c00595b74fb6374x000.dat
Resolving d1.sophosupd.com... 125.56.204.202, 125.56.204.80
Caching d1.sophosupd.com => 125.56.204.202 125.56.204.80
Connecting to d1.sophosupd.com|125.56.204.202|:80... connected.
Created socket 3.
Releasing 0x0000000000c5f600 (new refcount 1).

---request begin---
GET /update/639f8414c87cfb8f1c00595b74fb6374x000.dat HTTP/1.0
User-Agent: Wget/1.12 (linux-gnu)
Accept: */*
Host: d1.sophosupd.com
Connection: Keep-Alive

---request end---
HTTP request sent, awaiting response... Read error (Connection reset by peer) in headers.
Closed fd 3
Retrying.
The following will work:

Code: Select all

wget --no-check-certificate https://d1.sophosupd.com/update/639f8414c87cfb8f1c00595b74fb6374x000.dat
As mentioned above, on a test CentOS 6.5 machine on the main network which has direct access to the internet, with iptables, ip6tables and selinux disabled, I still cannot download these files. Does anyone know what on a CentOS 6.5 install that is blocking the downloading of Mach-O binaries? I have posted this question on LinuxQuestions without answer.

Kind Regards,
Vlad

User avatar
TrevorH
Forum Moderator
Posts: 24322
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CentOS 6.5 download issues

Post by TrevorH » 2014/09/11 11:04:57

As a data point from a CentOS 6.5 system here that's fully up to date:

Code: Select all

$ wget http://d1.sophosupd.com/update/639f8414c87cfb8f1c00595b74fb6374x000.dat
--2014-09-11 12:03:58--  http://d1.sophosupd.com/update/639f8414c87cfb8f1c00595b74fb6374x000.dat
Resolving d1.sophosupd.com... 62.252.169.11, 62.252.169.43
Connecting to d1.sophosupd.com|62.252.169.11|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2360464 (2.3M) [application/octet-stream]
Saving to: `639f8414c87cfb8f1c00595b74fb6374x000.dat'

100%[=========================================================================>] 2,360,464   9.27M/s   in 0.2s    

2014-09-11 12:03:59 (9.27 MB/s) - `639f8414c87cfb8f1c00595b74fb6374x000.dat' saved [2360464/2360464]
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

vladguan
Posts: 9
Joined: 2014/09/11 08:11:29

Re: CentOS 6.5 download issues

Post by vladguan » 2014/09/12 01:45:41

Cheers Trevor,

I will try and do an update and see what happens. Although, I am pretty sure I did so a yum update on the proxy server.

vladguan
Posts: 9
Joined: 2014/09/11 08:11:29

Re: CentOS 6.5 download issues

Post by vladguan » 2014/09/12 07:57:47

Hmm, just did a yum update on my test CentOS.
uname -a returns:
2.6.32-431.29.2.el6.x86_64 #1 SMP Tue Sep 9 21:36:05 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

Still no luck with downloading these files.

User avatar
TrevorH
Forum Moderator
Posts: 24322
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CentOS 6.5 download issues

Post by TrevorH » 2014/09/12 09:43:38

I notice that your Sophos IP address is different to mine, does it always hit that same one?
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

vladguan
Posts: 9
Joined: 2014/09/11 08:11:29

Re: CentOS 6.5 download issues

Post by vladguan » 2014/09/12 10:36:47

Hi Trevor. Yes, I noticed that as well. I think that the IP address resolves to what ever server is in your region. I might try spoofing dns entries next week to see if it makes a difference.

In the mean time, anyone on here from Australia with a CentOS 6.5 that could test the above download?
Cheers,
Vlad

User avatar
TrevorH
Forum Moderator
Posts: 24322
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CentOS 6.5 download issues

Post by TrevorH » 2014/09/12 10:57:39

I added it to /etc/hosts and reran the wget and it still works for me. The files are identical.
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

vladguan
Posts: 9
Joined: 2014/09/11 08:11:29

Re: CentOS 6.5 download issues

Post by vladguan » 2014/09/15 05:43:56

Hmm, specifying 62.252.169.11 for d1.sophosupd.com in /etc/hosts forced it to use that IP and still no go.

vladguan
Posts: 9
Joined: 2014/09/11 08:11:29

Re: CentOS 6.5 download issues

Post by vladguan » 2014/09/15 06:20:00

OK, downloaded wireshark-gnome and did two captures, one for a working download and one for the non-working download. Both were with the Sophos IP address spoofing in /etc/hosts to 62.252.169.11.

The screen captures shows a working download followed by a non-working download.
Image

Any tips?

Cheers,

Vlad

User avatar
TrevorH
Forum Moderator
Posts: 24322
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CentOS 6.5 download issues

Post by TrevorH » 2014/09/15 08:33:55

That clearly shows the other side sending an RST. I would talk to Sophos about it and also look at the intervening network hops that are under your control - perhaps you have some sort of UTM firewall that is interpreting the contents of that as a virus and interrupting the connection?
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

Post Reply