Home / server / Questions / 671908
Accepted
nass
Asked: 2015-02-28 07:15:33 +0800 CST

modem rejects logon credentials If I try to connect through http://modem/. works fine if I connect with http://<ipaddr>/

  • 772

This is a real bugger:)

My modem is a ZTE ZXHN H108L, connected to a linux firewall/router/gateway. The gateway is a Slackware 14.0 system on which DNS, DHCP, VPN and transparent PROXY run. The gateway has 2 hardware NICs. eth1 is connected to the modem (192.168.231.117), and eth0 is connected to the intranet (192.168.112.0/24).

I use the dns to give names to several intranet and vpnnet hosts. The modem has the convenient name "modem.skails.office" (or just "modem" if I sit in a pc on this intranet). From /var/named/skails.office.hosts : 

modem                   A       192.168.231.117

nslookup resolves the modem address correctly from all pc's of the intranet.

root@stargaze:~# nslookup modem
Server:     127.0.0.1
Address:    127.0.0.1#53

Name:   modem.skails.office
Address: 192.168.231.117

root@stargaze:~# nslookup modem.skails.office
Server:     127.0.0.1
Address:    127.0.0.1#53

Name:   modem.skails.office
Address: 192.168.231.117

So when I try to access the modem from the gateway's browser (firefox), I type http://192.168.231.117/. I provide the credentials and I log on fine.

If I try to do the same by issuing the address http://modem/ or http://modem.skails.office/, I will still be presented with the logon window, but it will NOT accept my credentials. I really do not know what could be the problem here.

I used tcpdump -i eth1 host modem and port 80 to log a successful and and unsuccessful attempt to log on and grab the status page.

  1. successful tcpdump wget --user admin --password 1234 "http://192.168.231.117/status/status_deviceinfo.htm" -O -

Connecting to 192.168.231.117:80... connected.
HTTP request sent, awaiting response... 401 Unauthorized
Reusing existing connection to 192.168.231.117:80.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
...

  1. unsucessful tcpdump wget --user admin --password 1234 "http://modem/status/status_deviceinfo.htm" -O -

Resolving modem (modem)... 192.168.231.117
Connecting to modem (modem)|192.168.231.117|:80... connected.
HTTP request sent, awaiting response... 401 Unauthorized
Reusing existing connection to modem:80.
HTTP request sent, awaiting response... 401 Unauthorized
Authorization failed.

Can you make anything out of it? Do you need any other data that I have perhaps not thought to include? How can I investigate this matter further?

internal-dns

1 Answers

  1. Best Answer

    The modem's web server isn't designed to handle something other than its IP in the Host HTTP header, thus you obtain undefined behavior and in this case it means the authentication fails when you send something other than its IP in that Host header.

    Normally unless you're using virtual hosts (which allows hosting multiple sites under multiple domains pointing to the same IP, and using that Host header to tell which site was requested) you're just supposed to ignore that header altogether, which the developers of that firmware obviously didn't do. I wouldn't be surprised if they were actually using a virtual host (unnecessarily) and that's why only a specific Host header set to the router's IP allows you to authenticate, because everything else doesn't match that virtual host.

    The name doesn't have anything to do with it, it's just that curl/wget automatically set the correct Host header based on that DNS name. If you can remove or override that header and set it back to the modem's IP then it'll work just fine (use wget --header="Host:" ... to remove the header).

    • 1