Re: corporate firewall blocks apt-get, but only where installed, not LiveCD?

That person is having a problem with the incorrect repositories enabled for what they want to do. My issue is I can't even get to the server.

I have to manually re-enable all of the repositories on my list after every update attempt as they get marked as 'failed to verify' when the installer can't contact them. My sources.list file got uploaded after a failed attempt, hence the # symbols.

Yeah, pretty much. For a short while I could have sworn our networking guys were advocating us taking the computer(s) home to run updates...

When I am back in the office, I will do try that. I'm currently at a different site, and I can't ssh back into the machine.

I was able to download via FTP without any problems. We tried that when we first started having problems.

This sounds interesting. I will relay this to the networking guys, and see what they have to say about it. Was it really slow, or just stopped dead?

BTW, I really appreciate all the help on this. I've run this past all my local linux buddies, and they kinda sit there and scratch their head.

Re: corporate firewall blocks apt-get, but only where installed, not LiveCD?

Dead as a brick.

In addition, Guarddog may prove more helpful in order to find out what APT factually is trying to do than examining the latter's source code

It's kind of comforting to know that I may be not quite as dumb as this problem is making me feel >

Re: corporate firewall blocks apt-get, but only where installed, not LiveCD?

Hmm. This appears stone cold dead, but if you let it sit for 10-20 minutes, sometimes instead of timing out, it will show some activity. Granted it's very little, but anything is more than nothing.

Don't feel bad. No one here has any idea what happened. The networking guys were saying that for whatever reason the session would transfer 20mb of data, then break, and was thinking it was linux itself breaking it.

When we would do the initial install, we would do it disconnected from the network so there would be no traffic, just in case. It didn't make a difference. Once it was installed, updates were no more.

They opened a ticket with Cisco, but they are not hopeful, since we can't really say what broke, just point at the part that isn't working. We can't be the only place that has a PIX firewall with linux boxes behind it.

Re: corporate firewall blocks apt-get, but only where installed, not LiveCD?

Hmmm ... "Swiss speed" is definitely not what my Guarddog experiments have been resulting in ... mumble, mumble ...

In the meantime, however, I may have been able to reproduce your problem - as well as resolve it by disabling IPv6 (as mentioned by another poster ...):

Could you please, at least for the sake of falsification (...), issue the following console command to the Kubuntu system, then "re-boot & re-try":

Re: corporate firewall blocks apt-get, but only where installed, not LiveCD?

Will do. I let the person on site know, and they should get back to me. I will post results as soon as I hear.

Also, heard from the networking guys, we do not support IPv6, and from Cisco, regarding captured packets. I can't copy/paste the email in a public forum due to our security policies, but I can sum up.

First packet is sending SYN to 91.189.88.31,
second is ACK to 91.189.89.6,
third is SYN again,
fourth is ACK again,
fifth is a reset from our side to 91.189.88.31.

They arent certain why we are sending a reset, and required more detailed info. Also, the capture didnt show any return packets from the server to the kubuntu box, (think they forgot that part of the command). They are going to try and recapture more data, and see what comes up.

Re: corporate firewall blocks apt-get, but only where installed, not LiveCD?

In this case, a closer look at the way APT communicates may still prove helpful ...

To ease things up, I copied the complete, unaltered source code to my file server.

In particular from the HTTP Aquire Method a bit jostler might gain some insight 8)

Re: corporate firewall blocks apt-get, but only where installed, not LiveCD?

Tried the IPv6 command. no difference, same issue as before. We are going to try changing all the repository addresses to ftp sites instead of http to see if that makes a difference as noted by one of the other people in our group. Will post as soon as I know. Still haven't heard anything more from Cisco yet.

Re: corporate firewall blocks apt-get, but only where installed, not LiveCD?

Well, update as follows. The person on site did a search and replace for HTTP and replaced it with FTP (not a reliable method,i know, since they may not have a matching ftp server, but anyway). It worked?!? Apt updated and appeared to be working normally. So it appears to be something specific to Apt, while using HTTP sources, while behind the Cisco PIX firewall. While I am happy it works, I still am trying to find the source of the issue.

I'm not certain what you need me to do here. I know squat about code.

Re: corporate firewall blocks apt-get, but only where installed, not LiveCD?

Just another one of my silly ideas: maybe one of your C code "pros" would be able to find the "de-facto bug" from within the sources (in particular: the "method(s)" implementations) ...

Re: corporate firewall blocks apt-get, but only where installed, not LiveCD?

Still stuck. Threw a Feisty install DVD in another test machine, loaded it up, and it appeared that all was peachy. Went to try and get the headers, and IT WORKED!! Started the update, got through a couple files, and it stopped dead. I'm guessing we hit that 20mb limit/issue the networking group was telling us about.

Went into the options within Adept, and one of the them was a dropdown with which server group to use. We set it for US servers, tried to get headers again, and it worked?? We figured at this point, our networking group had enabled some filter to block traffic by country or something. We installed some software to make sure the connection would stay working, with the 20mb limit or whatever that was about. It appears that all is good.

Here's where it gets weird. When we went to verify that the country of origin was the issue, by changing the server back to Ubuntu Main, it still worked. > Headers came down no problem, then we installed some more software, aprox 30mb of stuff, just to see if it would die after 20mb. It was a little slow, but nothing horrible.

So, after installing 7.04 on one of the machines that was having issues with 6.06, which initially failed with the default server setup, then worked via US servers, and now mysteriously works after going back to Ubuntu Main servers, I can honestly say I have no idea what the heck is going on.