On Fri, 8 Nov 2019, Jeremy Newman wrote: [...]
I should note, the testnet VMs should not be getting banned when traffic is coming from the testnet network. I have a rule in place that ignores the rules for them.
That's worrying because it means the tests are failing for some other unknown reason. So I tested this from vm2 and indeed it looks like there is no banning. But the first wget initially failed a bunch of times:
$ wget -O/dev/null ftp://anonymous:IEUser@ftp.winehq.org/ --2019-11-08 18:29:50-- ftp://anonymous:*password*@ftp.winehq.org/ => ‘.listing’ Resolving ftp.winehq.org (ftp.winehq.org)... 4.15.184.77 Connecting to ftp.winehq.org (ftp.winehq.org)|4.15.184.77|:21... connected. Error in server response. Closing. Retrying.
--2019-11-08 18:29:51-- ftp://anonymous:*password*@ftp.winehq.org/ (try: 2) => ‘.listing’ Connecting to ftp.winehq.org (ftp.winehq.org)|4.15.184.77|:21... connected. Error in server response. Closing. Retrying.
And so on until it magically started working on the 16th try:
--2019-11-08 18:31:35-- ftp://anonymous:*password*@ftp.winehq.org/ (try:16) => ‘.listing’ Connecting to ftp.winehq.org (ftp.winehq.org)|4.15.184.77|:21... connected. Logging in as anonymous ... Logged in! ==> SYST ... done. ==> PWD ... done. ==> TYPE I ... done. ==> CWD not needed. ==> PASV ... done. ==> LIST ... done.
.listing [ <=> ] 245 --.-KB/s in 0s
2019-11-08 18:31:35 (9.96 MB/s) - ‘.listing’ saved [245]
Then the subsequent runs worked:
$ wget -O/dev/null ftp://anonymous:IEUser@ftp.winehq.org/ --2019-11-08 18:31:35-- ftp://anonymous:*password*@ftp.winehq.org/ => ‘.listing’ Resolving ftp.winehq.org (ftp.winehq.org)... 4.15.184.77 Connecting to ftp.winehq.org (ftp.winehq.org)|4.15.184.77|:21... connected. Logging in as anonymous ... Logged in! ==> SYST ... done. ==> PWD ... done. ==> TYPE I ... done. ==> CWD not needed. ==> PASV ... done. ==> LIST ... done.
.listing [ <=> ] 245 --.-KB/s in 0.001s
2019-11-08 18:31:36 (207 KB/s) - ‘.listing’ saved [245]
Removed ‘.listing’.
Unfortunately I did not get the initial bad server response and when I tried from vm1 wget worked the first time around. I wonder if there is something strange going on with inetd or some equivalent. Unless it's something to do with NATing vs. ftp in active mode(*). Maybe I'll retry tomorrow.
(*) I doubt that one because the tests seem to be good about specifying INTERNET_FLAG_PASSIVE, and I believe that would only be an issue if there was some router-level load balancing going on.