I have a mixed enviroment of apple, windows and linux. In the apple
world I have everything from os 9 up to 10.4.x. My 10.4 clients
software update utility stopped working last week. 10.3 and under
still work. I captured traffic from one 10.4 and 10.3 client at the
firewall. Both machines make the initial connection to
swscan.apple.com. The 10.3 client shows a SYN packet, the 10.4 shows
nothing.
Heres 10.4:
Wed Jan 31 09:32:59 2007; TCP; eth2; 238 bytes; from
swscan.apple.com:http to 10.40.13.17:49206 (source MAC addr
0080c8ca9fba); first packet
Wed Jan 31 09:32:59 2007; TCP; eth2; 52 bytes; from 10.40.13.17:49206
to swscan.apple.com:http (source MAC addr 0009b7135180); first packet
Heres a 10.3 computer doing same:
Wed Jan 31 09:38:08 2007; TCP; eth2; 60 bytes; from 10.40.19.107:49442
to 17.250.248.95:http (source MAC addr 0009b7135180); first packet (SYN)
Wed Jan 31 09:38:08 2007; TCP; eth2; 60 bytes; from 17.250.248.95:http
to 10.40.19.107:49442 (source MAC addr 0080c8ca9fba); first packet (SYN)
After much googling and head scratching and deleting of cache files
and .plists on the apples, I found a reference to RFC 1323 and how
apple's update servers arent RFC 1323 compliant. My question is how
to I get my firewall running iptables v 1.2.9 to work with apples
software update servers. And maybe Im missing the entire boat and
this isnt the issue. I have made no Firewall changes and everything
worked fine until last week.
thanks,
ddh
--
Dwayne Hottinger
Network Administrator
Harrisonburg City Public Schools
