Mafreebox.freebox.fr unreachable if webproxy is enabled

hi

when i want to login to my freebox (internet box) (http://mafreebox.freebox.fr/) if the webproxy is running I can not logging. If a restart the webproxy, then I can connect to my internet box without any problem. I don’t understand why and how the webproxy can generate this behavior.
where I can find what is happening?
WIth or without urlfilter the behavior is the same.
do you have any ideas?

Regards
Tg92

Hi,

first, welcome to the IPFire community. :slight_smile:

Hm, mafreebox.freebox.fr resolves to 212.27.38.253 (somewhere in France), but both HTTP and HTTPS requests to that destination simply time out:

$ wget http://mafreebox.freebox.fr/
--2021-12-18 11:29:07--  http://mafreebox.freebox.fr/
Resolving mafreebox.freebox.fr (mafreebox.freebox.fr)... 212.27.38.253
Connecting to mafreebox.freebox.fr (mafreebox.freebox.fr)|212.27.38.253|:80... failed: Operation timed out.
Retrying.
$ wget https://mafreebox.freebox.fr/
--2021-12-18 11:30:44--  https://mafreebox.freebox.fr/
Resolving mafreebox.freebox.fr (mafreebox.freebox.fr)... 212.27.38.253
Connecting to mafreebox.freebox.fr (mafreebox.freebox.fr)|212.27.38.253|:443... failed: Operation timed out.
Retrying.

Therefore, I am a bit surprised to hear you can access this FQDN on your network. Could you elaborate a bit more on its technical setup? Is mafreebox.freebox.fr a FQDN assigned to your CPE router or something similar? Or did I misunderstood you completely?

Thanks, and best regards,
Peter Müller

1 Like

(post deleted by author)

hi
i am using IPFire 2.27 (x86_64) - Core Update 161 with red, orange, green and blue network.

my webproxy is activated on green network as transparent mode and I’m testing everything with the green network…

mafreebox freebox fr is resolved to 212.27.38.253 from my green network.
in firefox development helper i can see two accesses :slight_smile:

curl "http link to the freebox /api/v8/login/?_=ANumber000000" -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0" -H "Accept: application/json, text/javascript, */*; q=0.01" -H "Accept-Language: en-US,en;q=0.5" -H "Accept-Encoding: gzip, deflate" -H "X-FBX-FREEBOX0S: 1" -H "X-Requested-With: XMLHttpRequest" -H "Connection: keep-alive" -H "Referer: http link to the freebox/login.php"

and

curl "http link to the freebox  /api/v8/login/" -X POST -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0" -H "Accept: application/json, text/javascript, */*; q=0.01" -H "Accept-Language: en-US,en;q=0.5" -H "Accept-Encoding: gzip, deflate" -H "Content-Type: application/x-www-form-urlencoded; charset=UTF-8" -H "X-FBX-FREEBOX0S: 1" -H "X-Requested-With: XMLHttpRequest" -H "Origin: http link to the freebox" -H "Connection: keep-alive" -H "Referer: http link to the freebox" --data-raw "password=EncryptedPassword"

I think the POST request is not working.

Without the webproxy I can see this request :

curl "ws // freebox /api/v8/ws/event/" -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0" -H "Accept: */*" -H "Accept-Language: en-US,en;q=0.5" -H "Accept-Encoding: gzip, deflate" -H "Sec-WebSocket-Version: 13" -H "Origin: http link to the freebox" -H "Sec-WebSocket-Extensions: permessage-deflate" -H "Sec-WebSocket-Key: EncryptedKeyXXXXX" -H "Connection: keep-alive, Upgrade" -H "Cookie: FREEBOXOS=""EncryptedSomethingXXXXXX""" -H "Pragma: no-cache" -H "Cache-Control: no-cache" -H "Upgrade: websocket"

I am not a specialist of web protocol but I think it try to establish a websocket protocol and this one failed.

I hope this can help

you can find some detail on this page

or here

Hello from France,
I guess that mafreebox.freebox.fr is an adress that redirects to the web interface of your Freebox. When you don’t have IPFire, it’s the Freebox that does the DNS resolving, so mafreebox.freebox.fr redirects to the local adress of the Freebox. When you put IPFire in between, IPFire might bypass the DNS resolving of the Freebox, so the link between mafreebox.freebox.fr and the local address of the Freebox doesn’t exist anymore.

  1. Could you try to reach the Freebox by typing its IP adress, that seems to be 192.168.0.254 or 192.168.1.254 ?
  2. Do you use “ISP-assigned DNS servers” in Network > Domain Name System ?
2 Likes

hi,

1- if I try with the IP of the box 192.168.10.254 it is not working too.
2- I am also using ISP-assigned DNS servers setup with 192.168.10.254 (the box has its internal dns) and the second is also using ISP assigned DNS servers and it is a dns of my internet provider dns1.proxad.net.

DSN option :
Protocol UDP
Enable Safe Search uncheked
Include YouTube in Safe Search checked
QNAME Minimisation standard

thanks for your help

remark: perhaps i can give access to my ipfire if it can help

if I uncheck the option ‘Use ISP-assigned DNS servers’ it is working fine. I don’t understand why

I have removed the dns included in my internet box 192.168.10.254 (gateway) and now it is working fine.
It is a good news even if I don’t understood why. This dns was working fine when I try a nslookup command no this local dns included in the internet box
I have also re-checked the option ‘Use ISP-assigned DNS servers’ .

Hi,

this makes sense; I suspected something similar in the first place, but forgot to mention that. Sorry. :expressionless:

They might return you a different IP address for the FQDN than the public DNS does. By conducting a

dig +short a mafreebox.freebox.fr

you could double-check this. If the output is not 212.27.38.253, your ISPs’ resolvers interfere here.

Thanks, and best regards,
Peter Müller

1 Like