Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 6 subscribers
  • Views 7958 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem on Mavericks with socks proxy connections (AV version 9.0.6)

bouscram

Hi 

I have discovered a problem when trying to connect to the web through a SOCKS proxy : when Web Protection is active in Sophos AV (only one of the options need to be on), the connection is impossible (in fact, the TCP connection to the proxy is established, but nothing goes through it).

There is no warning, and nothing in the logs, so I guess it is a bug.

Can you look at it ?

I have seen the problem on 2 different Macs running 10.9.1

:1015223


This thread was automatically locked due to age.
  • 0

    I asked Support about this.  

    Doesn't seem like we're aware of this problem as SOCKS proxy connections are run continuously at Sophos almost every day, and see absolutely no issue at all.

    Need more information:  How do you set up the SOCKs proxy, what software is being used, im assuming you're using Firefox as i dont think Safari or Chrome allow you to proxy through a SOCKs proxy.  Version of OS X, etc.

    :1015281
  • 0

    Here are the details (I have seen the same problem with 2 different Macs using the same settings) :

    OS X 10.9.1

    SOCKS proxy created with the default OpenSSH from the OS (6.2p2) / I also tried with 6.1p1 with the same result (command used : ssh -D 8888 remotehost)

    The proxy can be local or on another machine with the same result

    The problem is present with Safari or Chrome (which use the global system proxy setting) or Firefox (using the global proxy settings or its own). It appears only when one of Sophos'  "Web Protection" options is "ON".

    What happens is that the TCP connection to the proxy opens correctly, but nothing more is transmitted by the browser (I checked with Wireshark). There is no log of Sophos blocking anything.

    Removing Web Protection corrects immediately the problem. 

    :1015287
  • 0

    As nobody at Sophos is able to provide an answer, here is a solution : if you add 127.0.0.1 in the authorised websites, the problem disappears. It still looks like a bug to me, as no blocking is reported.

    (got it from a friendly user on Apple Community Forums)

    :1015571