Communicating with the LAN's MSSQL Server in the .net 2003 IDE

I am using VB .Net 2003 as the IDE for SQL Reporting Services report designer. I went to open a report for editting (after freshly installing CPF Beta 2.3.2.21), and when I went to go work with the dataset query, I eventually got a timeout error (see attached image); after answering the application popup to allow devenv.exe.

The dataset is defined to attach to a database on a Server hosting SQL.

So I checked the logs and found 2 suspects:

  • Date/Time :2006-08-01 11:35:54
    Severity :High
    Reporter :Network Monitor
    Description: Blocked by Protocol Analysis (Fragmented IP Packet)
    Direction: IP Outgoing
    Source: 192.168.X.94
    Remote: 192.168.X.200
    Protocol : UDP
    Reason: Fragmented IP packets are not allowed

  • Date/Time :2006-08-01 11:35:54
    Severity :High
    Reporter :Network Monitor
    Description: Blocked by Protocol Analysis (Fake or Malformed UDP Packet)
    Direction: UDP Outgoing
    Source: 192.168.X.94:2930
    Remote: 192.168.X.200:88
    Reason: UDP packet length and the size on the wire(1504 bytes) do not match

I seemed to be able to get past the first issue by going into the Advanced Tab and unchecking Block fragmented IP datagrams. Am I opening something I don’t want to here on my work LAN by doing that?

So, this leaves me with getting past the last hurdle; assuming it is safe to do so. I can’t seem to find an option that controls the blocking of Fake or Malformed UDP Packets.

The part that concerns me is that these “advanced” toggles are global, where I would feel more comfortable if they could be restricted to a Zone. But I guess I do need to remember that our corporate firewall is in place as well; and doing it’s job.

Would any of the application flags helped with either issue? Like “Allow invisible”? I doubt it, but thought I’d throw that out there.

Thanks in advance!

(R)

[attachment deleted by admin]

OK, this gets stranger… I decided to try closing/reloading VB .net… and it worked!

So to play, I went back into advance, rechecked the “block fragmented ip”, closing/reloading VB .net… and it worked??? ???

So was my problem CPF blocking things by default until the Aplication rule was defined, then needing to restart the application to reset CPF’s “temporary blocked app list”?

I’m glad I’m up and running, but understandiong what happened here would be comforting. :wink:

Hi Mongod,

Sometimes during the network communication, some packets are lost or damaged during the transfer. OR sometimes they follow different routes that may need fragmentation, sometimes not. Thats why you observed 2 different cases. Usually when you allowed fragmented packets, this issue would be solved but it is better to wait for the next BETA release to be sure about what is going on.

Egemen

Thanks for the reply egemen, I’ll definitely try this again with the newer CPF version.

egemen, I could get around this “problem” by disabling Do Protocal Analysis. I am using the latest official release 2.3.5.62.

The issue seemed to be one of authentication being blocked by this option on my domain as discussed here.

If this is a bug (undesired result) with this feature, tell me what I can provide you with to address it.

(:NRD)

What does the protocvol analysis block? Fragmented IP packets? If so, allowing them did not help?

It looks like the Fake or Malformed UDP Packet are the “kickers”.

Block fragmented IP datagrams and Do protocal analysis selected

  • Login slowness/authentication issues
  • Blocked by Protocol Analysis (Fragmented IP Packet), log entries
  • Blocked by Protocol Analysis (Fake or Malformed UDP Packet), log entries

Do protocal analysis selected and Block fragmented IP datagrams unselected

  • Login slowness/authentication issues
  • Blocked by Protocol Analysis (Fake or Malformed UDP Packet), log entries

Block fragmented IP datagrams selected and Do protocal analysis unselected

  • No Login slowness/authentication issues
  • No log entries of any kind

FYI… updated to the 2.3.6.81 release… same issue.