This is the mail archive of the
cygwin
mailing list for the Cygwin project.
RE: What is the proper mailing list for server issues?
Ok, I spoke too hastily. It's possible a webserver blocks sites or the ISP blocks.
Also, perhaps cygwin.com can't resolve starwolf.com as Brian suggested.
Looking at your curl and openssl output I see this oddity
"No ALPN negotiated"
"ALPN, server did not agree to a protocol"
According to this site cygwin.com does not support HTTP/2. Must be using 1.1.
https://tools.keycdn.com/http2-test
Does this get you a web page?
curl -v --http1.0 https://www.cygwin.com
You're not doing any port forwarding of 443?
Glenn
============================================================
Greetings,
I'm trying from several different machines in the house, some directly connected, as well as any thru the NAT interface. This is the ONLY site I cannot reach normally. I have to use the Tor browser to reach the site, and, even then, once I get a new cygwin setup .exe, the list of mirrors doesn't auto-fill because (surprise, surprise) I cannot connect via any known protocol to either www.cygwin.com or 209.132.180.131.
The SSL certificates I get from a successful Tor hit and an unsuccessful
403 from home are identical
I am concluding that at least the address range 69.12.250.{40-47} are being blocked; and it probably extends beyond that.
Firewall is a Watchguard Firebox running pf_sense. I get the 403 even with a direct (non-firewalled, non-routed connection)
I have attached two .txt file with runs from two servers within my house, one running NetBSD, one running Windows [thus the importance of cygwin].
Included are runs from 'host'/'nslookup', 'ping', 'traceroute', 'curl'
and 'openssl'
This is NOT a local firewall issue, otherwise my other machines on different addresses would not have a problem.
smaug is my internal firewall.
stupidhead is the default next hop from said firewall.
"...it's nothing to do with cygwin.com."
Sooooo, why else would I get a refusal from the web server from this address when I can connect from elsewhere ** and the SSL certificate is the same ** ??
What am I missing?
"...but there's nothing we can do from here."
Where is "here"? If "here" == "cygwin.com", you can't tell me if my IP is on an internal blacklist (and, moreso, why?)??
On 2017-04-21 08:06, Gluszczak, Glenn wrote:
>
> Agree, it's nothing to do with Cygwin.com.
>
> Check for a firewall on your local machine. Check your home router to see if it has a firewall with restrictions.
> Perhaps you're passing through a proxy server or firewall at the ISP?
> Try traceroute or wget to analyze what site you're really attaching to.
>
>
>
> On 4/21/2017 2:35 AM, Greywolf wrote:
>> Hello,
>>
>> I am having a server issue that neither I nor my ISP seem to be able
>> to resolve with regards to connecting to Cygwin.com -- namely, only
>> from my house, I get a 403 Forbidden.
>>
>
> This is _your_ problem. Something has caused you to not be able to reach cygwin.com properly. What IP address does cygwin.com resolve to?
> Does using the IP address directly work for you?
>
> $ ping cygwin.com
>
> Pinging cygwin.com [209.132.180.131] with 32 bytes of data:
>
>
>> I've been round with my ISP and they are unable to reproduce the
>> issue; the response I get from here is "contact your ISP". So who do
>> I contact about this? Not being able to automagically fetch the
>> mirror list is annoying, and not being able to reach the site to see
>> about updates and such is similarly so.
>>
>
> Understandable but nothing we can do from here.