[ABE] <LOCAL> Deny on {GET http://forums.informaction.com/posting.php?mode=reply&f=7&t=10207 <<< http://forums.informaction.com/ - 6}
SYSTEM rule:
Site LOCAL
Accept from LOCAL
Deny
which makes no sense, then I checked the error console to find out what gives and I see these two guys too:
Error: The character encoding of the HTML document was not declared. The document will render with garbled text in some browser configurations if the document contains characters from outside the US-ASCII range. The character encoding of the page must to be declared in the document or in the transfer protocol.
Source file: http://forums.informaction.com/posting.php?mode=reply&f=7&sid=109d38b1f73459e82aa286c566d1f74e&t=10207
[ABE] <LOCAL> Deny on {POST http://forums.informaction.com/posting.php?mode=reply&f=7&sid=109d38b1f73459e82aa286c566d1f74e&t=10207 <<< http://forums.informaction.com/ - 6}
SYSTEM rule:
Site LOCAL
Accept from LOCAL
Deny
and the only way to proceed with posting was to click on the option button that shows up on the ABE warning bar, disable ABE and then click refresh and click I accept the resend and voila, it posted.
I of course went back and re-enabled ABE, but what the heck gives here?
NS. 2.5.7rc3
~.:[ Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k ]:.~ ________________ .: [ Major Mike's ] :. ________________
world is a vampire and browsers are zombies and users are the virus
As you know, I teach networking (CCNA, CCNP, and CCIE) so I am quite familiar with networking and routing and so on. I also teach everything from Windows AD, Exchange, SQL, DNS, Web, ICS, Link and so on, so I do a lot of checking before I post these kinds of things.
Here is the thing, I have vetted the router (a 2811 which I find a bit old but none the less is very good, although I would prefer a 3560 Router/Switch or even an ASR 1000 better but who has the money), the DNS (there are 6 redundant servers located on multiple continents, running multiple platforms to ensure MIMs are extremely limited or near impossible), the IP scheme internally is strictly VLAN and VTP managed running through very strict static and dynamic OSPF and EIGRP routing protocols all two way encrypted.
Traceroutes, pings, and even IP CEF cache entries reveal no issue, the routing and topology tables are unchanged, all the SLA and ACLs are unchanged, triggering properly and no issues there. The only two things that are wildcards are: Firefox and NS (ABE) in this scenario. Now unfortunately since the last time this issue was encountered BOTH Fx and ABE have changed, so no way to know who is the true culprit, I'll give you that. So to narrow down the answer to a short yes or no - no we have no DNS entry pollution.
In fact by default my router is configured with OSPF and EIGRP and their dead timers are set in such a way that the metric is updated every 10 seconds and the IP CEF and other DNS tables, are dumped and forced refreshed every 15 seconds, so there is NEVER a cache DNS item older than 15 seconds in my system, and as I said it harvests them from 6 servers and their k values are set to ensure they match 99% consensus before any route to IP is accepted.
I do network security for a living and for the military, so my own systems are setup to mirror those of the NSA, Marine Central Command, NORAD, CIA and the Pentagon. Although unfortunately in a couple of those systems, I don't have final say and get overridden by idiots in charge, but hey their loss not mine and a whole different topic for another day. This problem is NOT persistent in the sense that it happens ALL THE TIME, but it happens enough, and has happened enough to me to make me concerned as to WHY? I don't want to lay the blame entirely at the feet of ABE, but when its the one throwing the error, and disabling it and continuing with the browsing everything works and goes through ok, I have to assume how ABE is handling DNS and LOCAL identification that is the problem and not even the browser who is respecting that I am submitting to a remote server and without ABE running interference, continues to do so just fine.
To add more bizarre to this issue, if I open a new tab and use the same link I am trying to submit on the tab that ABE is complaining, it will keep complaining, telling me its holding this data like a grudge and is not vetting it new, just going based on some cache response, because alter the link slightly and try on another tab at the same time and ABE doesn't say boo about it, why? Probably because it grabbed fresh data for that entry and was ok with it. So if at some point a glitch like this happens where ABE is wrong, it should have a mechanism by which to dump whatever it THINKS it knows and try to vet the information AGAIN fresh, it would then realize its wrong, and move on. But it insists on something we all know to be false. There is no way in the world forums.informaction.com is LOCAL to me, just impossible. So ABE is making a mistake based on outdated data? maybe the last time it pulled the DNS or whatever, it got a bad response and now its sticking to it and making decisions based on it come hell or high water, instead of intelligently saying, ok, let me try and vet this again and see what I get now.
BTW, even the last time you said my situation was unique and you had no idea as everything came back fine on the tests you had me run, remember?
~.:[ Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k ]:.~ ________________ .: [ Major Mike's ] :. ________________
world is a vampire and browsers are zombies and users are the virus
