Re: Why is IPS blocking some clients
- From: "Tom" <thilbig@xxxxxxxxxxxxx>
- Date: 24 Oct 2006 12:39:49 -0700
Tom wrote:
The last two worked with one customer, but only because this format
seems to pack the POST data much more efficiently when sent back to the
server that way. I discovered earlier that that customer's site was
allowing POST data through if the response was contained in one packet
(content-length < 1500 bytes). The original multipart/form-data
version required multiple packets for the same POST data, so the
customer's IPS stopped it.
I tried the no-enctype, and enctype=application/x-www-form-urlencoded"
on a form with data that required multiple packets (content-length >
1500) and the same failure occured.
Tom
Here is a single-field form that fails on the same customer because the
amount of data is about 2KB. Their IPS is blocking the post submission
(probably sending the client a RST).
www.sygration.com/cgi-bin/banana67
If you have an IPS with logging, please try it and tell me what is
wrong with it.
Tom
.
- References:
- Why is IPS blocking some clients
- From: Tom
- Re: Why is IPS blocking some clients
- From: Tom
- Re: Why is IPS blocking some clients
- From: Tom
- Re: Why is IPS blocking some clients
- From: kingthorin
- Re: Why is IPS blocking some clients
- From: Tom
- Why is IPS blocking some clients
- Prev by Date: Checkpoint QoS
- Next by Date: Re: netfilter iptables and firewall
- Previous by thread: Re: Why is IPS blocking some clients
- Next by thread: Kerio settings to share internet connection
- Index(es):
