[isalist] Re: Accessing live media streams over TMG
- From: Jim Harrison <Jim@xxxxxxxxxxxx>
- To: "isalist@xxxxxxxxxxxxx" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 17 May 2010 16:51:12 +0000
Someone buggered the streaming content on the whyy site.
When you click the whyy link, your browser makes a request for
"http://www.whyy.org/91FM/whyy_hd.asx";, for which the Crapache server produces
the following response:
- Http: Response, HTTP/1.1, Status: Ok, URL: http://www.whyy.org/91FM/whyy.asx
ProtocolVersion: HTTP/1.1
StatusCode: 200, Ok
Reason: OK
Via: 1.1 HEARTOFGOLD-01
Connection: Keep-Alive
ProxyConnection: Keep-Alive
ContentLength: 24
Date: Mon, 17 May 2010 16:33:20 GMT
Age: 0
+ ContentType: video/x-ms-asf
ETag: "55d284-18-e8d90480"
Server: Apache/2.0.52 (CentOS)
Accept-Ranges: bytes
Last-Modified: Thu, 20 Jan 2005 20:52:18 GMT
HeaderEnd: CRLF
payload: HttpContentType = video/x-ms-asf
- ASF: Advanced Systems Format
http://207.245.67.204:80
WinMedia forgives the lack of XML formatting in the response and attempts to
reach the specified location, which then responds with
- Http: HTTP Payload, URL: /
- payload: HttpContentType = NetmonNull
HTTPPayloadLine: ICY 200 OK
HTTPPayloadLine: icy-notice1:<BR>This stream requires <a
href="http://www.winamp.com/";>Winamp</a><BR>
HTTPPayloadLine: icy-notice2:SHOUTcast Distributed Network Audio
Server/win32 v1.9.5<BR>
..followed by 305 bytes of more noise.
The reason TMG rejects this response is because the it isn't formed properly:
1. There is no separation between the header fields and the response body
2. The response includes no indication of response-body size, yet it
include a total of 408 bytes (apparently an mpeg file).
3. The response-body includes ill-formed HTML
IOW, WHYY steaming media admins have borked the content.
Jim
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Rob Moore
Sent: Monday, May 17, 2010 8:45 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Accessing live media streams over TMG
No thoughts on this one folks? Or will I need to call PSS?
Thanks,
Rob
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Rob Moore
Sent: Friday, May 14, 2010 11:08 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Accessing live media streams over TMG
OK, now another question. A user in our External Affairs department (deals with
media) needs to listen to the live stream for our local public radio station.
She goes to www.whyy.org<http://www.whyy.org> and clicks on the Listen Live
link. On the "Listen Live" page, she clicks on the "Listen with Windows Media
Player link. When we were on ISA 2006, this worked. On TMG it fails. I'll post
the TMG error at the bottom of my message.
If I turn off Malware Inspection, the live stream works.
I tried turning Malware Inspection back on but putting *.whyy.org into the
Destination Exceptions list (in Malware Inspection). That didn't help.
Just for kicks, I tried listening to the live stream from
www.wnyc.org<http://www.wnyc.org>. Both streams are in the asx format. The one
from wnyc.org works. Offhand, I can't think of why one asx stream works and
another one doesn't.
The computers in question are all SecureNAT clients.
Any thoughts about what's going on?
Here's the error I'm getting:
Client Agent Authenticated Client Service Referring Server
Destination Host Name Transport HTTP Method Filter
Information MIME Type Object Source Cache Information
Error Information Source Port Session Type
Bidirectional Network Interface Raw IP Header Raw Payload
Processing Time Bytes Sent Bytes Received Original Client IP
GMT Log Time Authentication Server UAG Array Id UAG
Version UAG Module Id UAG Id UAG Severity UAG Type
UAG Event Name UAG Session Id UAG Trunk Name
UAG Service Name UAG Error Code Internal Service Info
Log Field Client Application SHA1 Hash Client Application
Trust State Client Application Internal Name Client
Application Product Name Client Application Product Version
Client Application File Version Client Application Original File Name
Client FQDN URL Categorization Reason Forefront TMG Client
Version URL Destination Host Name Log Time Client IP
Destination IP Destination Port Protocol
Action NIS Scan Result NIS Signature NIS Application Protocol
Rule Result Code HTTP Status Code Client
Username Source Network Destination Network
URL Server Name URL Category Log Record Type
Malware Inspection Action Malware Inspection Result Threat
Name Threat Level Content Delivery Method Malware
Inspection Duration (msec) NAT Address Client Application Path
NSPlayer/11.0.5721.5251 Yes Proxy
207.245.67.204 TCP GET Req ID: 04105d1a; Compression: client=No,
server=Yes, compress rate=0% decompress rate=0%
Internet 0x40000004 0x400 1566
SecureNAT - - -
109 21883 556 - 5/14/2010 2:42:41 PM
0 0
0 0 - -
- - - - -
Not in database - 207.245.67.204 5/14/2010
10:42:41 AM 172.17.201.86 207.245.67.204 80 http
Failed Connection Attempt Inspected
Allow Web Access for All Users 12210 An Internet
Server API (ISAPI) filter has finished handling the request. Contact your
system administrator. anonymous Internal External
http://207.245.67.204/ PHL-TMG1 Unknown Web Proxy
Filter Blocked Response with Unsupported Format
Received 0
209.120.230.99 -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Rob Moore
Network Manager
215-241-7870
Helpdesk: 800-500-AFSC
Other related posts:
