[OmniOS-discuss] web site seems to attack server internet connection

Michael Mounteney gate03 at landcroft.co.uk
Mon Apr 17 06:42:37 UTC 2017


If anyone has an OmniOS machine acting as a NAT with IP forwarding (as
I have) they might care to try to reproduce a circumstance I am seeing,
where visiting a web site on a workstation connected THROUGH the
server, brings down the server's interface.  Diagrammatically:

  interwebs
       |
cable-modem
       |
   e1000g0
       |
   OmniOS
       |
   e1000g1
       |
 workstation

On the workstation:

1.  Browser, visit http://www.yamaguchien.com.au/ I've used this site
for several years so regard it as 'legitimate'.
2.  Click Shop and order something.  I ordered Sencha premium.
3.  Go to Checkout.
4.  Fill in some details.  Dummy address:  Parliament Way, Canberra,
ACT 2000 (the site validates addresses). Click checkout.
5.  The browser may or may not start to load paypal.com but whatever;
e1000g0 (as it is on my system) appears to be down, inasmuch as I can
no longer ping 89.16.167.134 (google.com) from the *server*.  It is
necessary to take the interface down and up, and delete and add the
default route, or maybe some other fiddling, to restore the interface.

Does this indicate that Something Nasty is happening?

______________
Michael Mounteney


More information about the OmniOS-discuss mailing list