Issue with network and Gmail and other Google pages
-
BTW, I find it a bit much when people load up something with all sorts of crap and then complain something doesn't work properly, when the problem is caused by some of the crap they've install on top of that something.
-
@JKnott said in Issue with network and Gmail and other Google pages:
I've been around long enough to remember the browser wars, when Microsoft tried to corrupt http with Internet Explorer. They'd come up with their own way of doing things that would break other browsers such as Netscape. Fortunately, those days are long behind us, especially since Bill & Steve left. Even still, there are differences between browsers. For example, when I log into my pfSense box with Firefox, it remembers my ID and password. Chrome doesn't. Both are running on Linux.
Me, too. I finally settled on Chrome for both my Windows and Linux machines for the last three years or so. Although I will say Microsoft Edge is not too bad. It is certainly heads and shoulders above Internet Explorer.
I use Chrome on Windows and Linux with the uBlock Origin and AdBlock for YouTube extensions to snuff out ads.
-
@JKnott said in Issue with network and Gmail and other Google pages:
BTW, I find it a bit much when people load up something with all sorts of crap and then complain something doesn't work properly, when the problem is caused by some of the crap they've install on top of that something.
Yep! Many users get carried away with adding tons of lists to pfBlocker or enabling all of the rules in Snort or Suricata. Both can lead to lots of headaches, especially for a new user of those kinds of tools.
-
@codybadger said in Issue with network and Gmail and other Google pages:
I'm having an odd issue here.
SUBJECT : Issue with network and Gmail and other Google pagesBetter add the missing part to the subject lien .... Chrome (made by ...and controlled by ... ;) ).
Now you have the best of world's biggest 'publicity' company in one bucket.An then you placed another bucket in front of it, called "pfBlockerNG" and fill it up with feeds that mostly block ... pub sites.
Well ...
The non-technical answer might be : lock up a cat and dog in a room, and be surprised that your here a lot of fighting in there.
.... and some one is gona pay the vet real soon ..."pfBlockerNG" is like a big gun, pointed downwards - for safety, and not loaded (no feeds). That's how it's installed.
Then the admin starts to load it with 'feeds' without aiming (I mean : selecting the right feeds).
"pfBlockerNG" is in auto trigger mode.
=> Your own feet start to hurt terribly ......Ok, I'll be more serious.
When you even think that "pfBlockerNG" is blocking something it shouldn't : go to the Firewall > pfBlockerNG > Reports > Alerts page. Check the Deny and DNSBL list.
You'll see the most incredible URL's being blocked.
And before you say : I never visited these sites, know that your browser does so, your TV also, your phones is actually doing so, etc etc. Mail clients, Google web pages etc etc pull in the most incredible content from even more incredible sources (hosts - the URL's).Now for the bad news : "pfBlockerNG" is a nice tool and it's even free. But good results are not free at all : it needs a lot of your time so you can learn how to use it - you even have to know how it works, so you can instruct it to work correctly for you.
Btw : I'm not against Google - I consider myself even a 'fan' of that company. It can be very invasive, which needs some control. And that's ok for me, I'm a spare-time firewall admin, not a full time bicycle repair guy.
( and yes, no worries, I love bicycles to - I'm from 'holland')edit : @bmeeks said the same thing, using far less words ...
-
Ok, got it. Thanks all for your input. I'll look into the pfBlockerNG lists and see if I can locate the problem. Just seems so odd that there would be something in there that specifically blocks the check boxes in gmail, for example. The tough part about troubleshooting this is that it doesn't happen all of the time. Sometimes, everything loads properly.
FWIW , I have a desktop PC running windows, android phones, iphones, and macbooks all using chrome that show this issue.
@JKnott said in Issue with network and Gmail and other Google pages:
BTW, I find it a bit much when people load up something with all sorts of crap and then complain something doesn't work properly, when the problem is caused by some of the crap they've install on top of that something.
You think a VPN and pfblocker is "all sorts of crap?" and you think me trying to learn how to resolve the issue is "complaining?"
-
@codybadger said in Issue with network and Gmail and other Google pages:
You think a VPN and pfblocker is "all sorts of crap?" and you think me trying to learn how to resolve the issue is "complaining?"
I wasn't speaking just of you, it's a common problem. However, when resolving a problem, you have to keep things simple and then try to determine what introduces the problem. For example, if you had just plain pfSense, without pfblocker, I doubt you would have seen any issue, as pfSense simply cannot even see the things you're complaining about, as all it sees are encrypted packets. Therefore it is not the cause of the problem. On the other hand, pfblocker might, if what you're seeing is the result of it blocking some stuff etc.. You have to break the problem into pieces to see what makes sense and what doesn't.
-
@codybadger: I'm not sure what your level of IT and web technology expertise is, so you may already understand what I'm about to tell you.
When you visit a web site or use any web-based application, things that load into your browser as you navigate the site and/or use tools in the web-app such as pushbutton or checkbox icons come from all over the place. They do not necessarily all come from the same IP address. For example, some static content text and images may come from one IP address (server) while javacript to operate buttons and other active elements on the page may be called in from a completely different server at a completely different IP address.
So think about this situation when tools such as pfBlocker are enabled. It could be that the server address where some web application is pulling in its required javascript just so happens to be in the same IP netblock as other servers that serve up javascript used for pulling down browser ads. pfBlocker might have that entire IP netblock in one of its ad block lists. Thus it will blindly block all access to IP addresses in that netblock, and one of those IP addresses might be the one your browser is trying to pull down javascript code from to make one of those buttons work in your mail client (just a hypothetical example, but you get the idea).
To see what is actually happening you need to examine everything your pfBlocker setup is blocking. Could be something there is what is causing the web application issues. Of course as a first test, simply turn off pfBlocker completely and see if the apps work then. If they do, you have your answer as to where the issue resides.
-
@JKnott Wireshark - well, since I upgraded Catalina recently, the app won't run and has been investigating. What I meant earlier, I have observe live a connection to Google services with an IP and port 443, then once that connection established, then lots of UDP ports get opened on the same exact IP.
-
@NollipfSense said in Issue with network and Gmail and other Google pages:
then lots of UDP ports get opened on the same exact IP
Those are not part of whatever Google app. They could be something to do with the ads and stuff, but anything directly having anything to do with the Google service would be encrypted, which means you won't see any ports other than 443.
BTW, what's "Catalina"?
-
@JKnott said in Issue with network and Gmail and other Google pages:
BTW, what's "Catalina"?
I know just enough about Apple to recognize that as the name of their lastest OS update. From visiting other forums I frequent for other technologies (video and audio, for example), I've learned that a lot of older applications for Apple hardware have trouble running under the latest Catalina OS. Kind of like the old Windows 95 versus Windows XP thing from long ago.
-
Well, I'm allergic to Apple gear, so I don't follow what happens with it.
-
@JKnott said in Issue with network and Gmail and other Google pages:
Well, I'm allergic to Apple gear
LMAO!