How fake a connection test?

berny · 8 July 2023 19:28

There are some hosts/apps in the LAN that checked a connection with a http request to a host in the I-Net.
I want to answer this request by the IPfire. It looks like the IPfire is listening at port 80 too. Where in the folder tree I have to store a file that should delivered by the related request?

cfusco · 8 July 2023 20:06

Can you explain further what you want to do? I cannot understand what you are asking. Consider that my brain power is low enough to always appreciate a drawing

berny · 8 July 2023 21:02

Some applications want establish a connection because a connection check failed. The connection check is a simple request to an http service in the I-Net (example www.msftconnectiontest.com/answer.txt)

This service sends a 302 and redirect to a https connection at port 444.

… then the connection timed out.

So I want to send an reply to the request from IPfire. It is easy to change the DNS answer so that the IPfire is asked instead a host in the internet. But were should I store the file (answer.txt see above)?
And what is to change so that the IPfire send the answer file and not redirect to https at port 444?

trash-trash · 8 July 2023 21:18

@berny
Not sure that I had understand you right, but maybe this can help or give you an idea?

BR
Trash

berny · 9 July 2023 05:13

Windows uses the Network Location Awareness (NLA) service https://learn.microsoft.com/en-US/troubleshoot/windows-client/networking/internet-explorer-edge-open-connect-corporate-public-network and this does not work. (same at my Linux but there is only a warning.) In M$ Citrix Secure Connection does not start to establish a connection because it get no answer from this f@#%^ NLA.

I have a rule (#1) that this special M$-PC can connect to the RED zone at all ports without any restrictions. Different application are running without problems, browsing is possible, and so on. but this Citrix apps does not start its work if NLA does not comes back with a positiv answer.

(And no, I can not change the Configuration of this -PC, it it not under my control …

So I want to fake this ugly test.

I looks like IPfire catch all out going requests and forward this to its own port (444)

wget --no-proxy --no-check-certificate http://www.msftconnecttest.com
--2023-07-09 07:02:58--  http://www.msftconnecttest.com/
Auflösen des Hostnamens www.msftconnecttest.com (www.msftconnecttest.com)… 23.65.29.168, 2.16.63.57
Verbindungsaufbau zu www.msftconnecttest.com (www.msftconnecttest.com)|23.65.29.168|:80 … verbunden.
HTTP-Anforderung gesendet, auf Antwort wird gewartet … 302 Moved Temporarily
Platz: /cgi-bin/index.cgi [folgend]
--2023-07-09 07:02:59--  http://www.msftconnecttest.com/cgi-bin/index.cgi
Wiederverwendung der bestehenden Verbindung zu www.msftconnecttest.com:80.
HTTP-Anforderung gesendet, auf Antwort wird gewartet … 301 Moved Permanently
Platz: https://www.msftconnecttest.com:444/index.cgi [folgend]
--2023-07-09 07:02:59--  https://www.msftconnecttest.com:444/index.cgi
Verbindungsaufbau zu www.msftconnecttest.com (www.msftconnecttest.com)|23.65.29.168|:444 … ^C

# wget --no-proxy --no-check-certificate https://www.msftconnecttest.com
--2023-07-09 07:03:51--  https://www.msftconnecttest.com/
Auflösen des Hostnamens www.msftconnecttest.com (www.msftconnecttest.com)… 2.21.20.140, 2.21.20.155
Verbindungsaufbau zu www.msftconnecttest.com (www.msftconnecttest.com)|2.21.20.140|:443 … ^C

# wget --no-check-certificate http://www.msftconnecttest.com
--2023-07-09 07:04:04--  http://www.msftconnecttest.com/
Verbindungsaufbau zu 192.168.250.2:8080 … verbunden.
Proxy-Anforderung gesendet, auf Antwort wird gewartet … 404 Not Found
2023-07-09 07:04:04 FEHLER 404: Not Found.

# wget --no-check-certificate https://www.msftconnecttest.com
--2023-07-09 07:05:09--  https://www.msftconnecttest.com/
Verbindungsaufbau zu 192.168.250.2:8080 … verbunden.
WARNUNG: Keiner der alternativen Namen des Zertifikats stimmt mit dem angefragten Maschinennamen »www.msftconnecttest.com« überein.
Proxy-Anforderung gesendet, auf Antwort wird gewartet … 404 Not Found
2023-07-09 07:05:09 FEHLER 404: Not Found.

trash-trash · 9 July 2023 09:50

www.msftconnecttest.com. FQDN
http://www.msftconnecttest.com/connecttest.txt
dns.msftncsi.com. FQDN
http://www.msftncsi.com/ncsi.txt

88.221.110.216 www.msftconnecttest.com.
131.107.255.255 dns.msftncsi.com.

The request is http://www.msftconnecttest.com/connecttest.txt
The output you should get by wget --no-proxy --no-check-certificate http://www.msftconnecttest.com/connecttest.txt

What you try to do is experimental, delivering “connecttest.txt”
Check your modifications of proxy at IPFire. I wonder the answer you get there are the termination of a none established connection.

BR
Trash

bonnietwin · 9 July 2023 10:08

Your wget command is incorrect. You need the file name at the end of the command.

When I run your command I get:

wget --no-proxy --no-check-certificate http://www.msftconnecttest.com
–2023-07-09 12:03:46-- http://www.msftconnecttest.com/
Resolving www.msftconnecttest.com… 217.116.214.97, 217.116.214.137
Connecting to www.msftconnecttest.com|217.116.214.97|:80… connected.
HTTP request sent, awaiting response… 404 Not Found
2023-07-09 12:03:46 ERROR 404: Not Found.

With the filename at the end you get the following:

wget --no-proxy --no-check-certificate http://www.msftconnecttest.com/connecttest.txt
–2023-07-09 12:05:11-- http://www.msftconnecttest.com/connecttest.txt
Resolving www.msftconnecttest.com… 178.237.46.25, 178.237.46.24
Connecting to www.msftconnecttest.com|178.237.46.25|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 22 [text/plain]
Saving to: ‘connecttest.txt.1’

connecttest.txt.1 100%[==============================>] 22 --.-KB/s in 0s

2023-07-09 12:05:11 (445 KB/s) - ‘connecttest.txt.1’ saved [22/22]

and wget has downloaded the file and the content is:

less connecttest.txt
Microsoft Connect Test
connecttest.txt (END)