Running : OpenWrt 22.03.2 r19803-9a599fee93 / LuCI openwrt-22.03 branch git-22.288.45147-96ec0cd on Glinet routers (GL-AR750EXT, GL-MT1300 and GL-MT3000)
Hi
I have a curl command that returns no error and gets executed when it is run from mwan3.user if internet connection is via Ethernet:
BUT the same exact command return the following error if I switch in repeater mode (via an Android device hotspot) :
*TLSv1.3 (OUT), TLS handshake, Client hello (1):*
** OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to [api.pushover.net:443](http://api.pushover.net:443/)*
Here is the command:
(/bin/sleep 3;
{
curl -s -v
-F “token=xxxxxxxxxxx”
-F “user=xxxxxxxxxxxx”
-F “device=anydevice”
-F “title=FailOver”
-F “priority=2”
-F “retry=30”
-F “expire=45”
-F “sound=Persistent”
-F “message=Failoverr”
https://api.pushover.net/1/messages.json
}
logger -t “Failover” “TestFailover”)&
If I connect my windows laptop via LAN and execute the same command in Command prompt, no error messages either …
BTW, I found out that if I run ANY curl command from the router command prompt when the connection is via Hotspot on 4G I always have the same result.
I tried the following:
> curl [https://ui.com](https://ui.com/) -v
and got the same error:
root@GL-AR750S:/etc# curl [https://ui.com](https://ui.com/) -v
** TLSv1.3 (OUT), TLS handshake, Client hello (1):*
** OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to [ui.com:443](http://ui.com:443/)*
I extracted a tcpdump of the connection but as I know abolutely nothing about security protocols, I have no clue where to look at ...
10:02:05.532231 IP X.X.X.213.41116 > server-54-192-51-66.yul62.r.cloudfront.net.443: Flags [S], seq 2034016688, win 64240, options [mss 1460,sackOK,TS val 419945492 ecr 0,nop,wscale 4], length 0
10:02:05.533826 IP X.X.X.213.47254 > 192.168.220.170.53: 55349+ PTR? 66.51.192.54.in-addr.arpa. (43)
10:02:05.584138 IP server-54-192-51-66.yul62.r.cloudfront.net.443 > X.X.X.213.41116: Flags [S.], seq 986314330, ack 2034016689, win 65535, options [mss 1420,sackOK,TS val 1406559468 ecr 419945492,nop,wscale 9], length 0
10:02:05.584423 IP X.X.X.213.41116 > server-54-192-51-66.yul62.r.cloudfront.net.443: Flags [.], ack 1, win 4015, options [nop,nop,TS val 419945544 ecr 1406559468], length 0
10:02:05.648108 IP 52.96.230.98.443 > X.X.X.213.56992: Flags [P.], seq 907508948:907508983, ack 1778201573, win 40960, length 35
10:02:05.648325 IP 52.96.230.98.443 > X.X.X.213.56992: Flags [P.], seq 35:1153, ack 1, win 40960, length 1118
10:02:05.649174 IP X.X.X.213.56992 > 52.96.230.98.443: Flags [.], ack 1153, win 1026, length 0
10:02:05.653865 IP 52.96.230.98.443 > X.X.X.213.56993: Flags [P.], seq 3544677385:3544677420, ack 208234926, win 40960, length 35
10:02:05.662121 IP 52.96.230.98.443 > X.X.X.213.56993: Flags [P.], seq 35:1153, ack 1, win 40960, length 1118
10:02:05.663186 IP X.X.X.213.56993 > 52.96.230.98.443: Flags [.], ack 1153, win 1021, length 0
10:02:05.672742 IP 192.168.220.170.53 > X.X.X.213.47254: 55349 1/0/0 PTR [server-54-192-51-66.yul62.r.cloudfront.net](http://server-54-192-51-66.yul62.r.cloudfront.net/). (99)
10:02:05.756455 IP X.X.X.213.41116 > server-54-192-51-66.yul62.r.cloudfront.net.443: Flags [P.], seq 1:518, ack 1, win 4015, options [nop,nop,TS val 419945716 ecr 1406559468], length 517
10:02:05.824159 IP server-54-192-51-66.yul62.r.cloudfront.net.443 > X.X.X.213.41116: Flags [F.], seq 1, ack 518, win 65535, length 0
10:02:05.831001 IP X.X.X.213.41116 > server-54-192-51-66.yul62.r.cloudfront.net.443: Flags [.], ack 2, win 4015, options [nop,nop,TS val 419945791 ecr 1406559468], length 0
10:02:05.848491 IP X.X.X.213.41116 > server-54-192-51-66.yul62.r.cloudfront.net.443: Flags [F.], seq 518, ack 2, win 4015, options [nop,nop,TS val 419945808 ecr 1406559468], length 0
10:02:05.876910 IP server-54-192-51-66.yul62.r.cloudfront.net.443 > X.X.X.213.41116: Flags [F.], seq 2, ack 519, win 65535, length 0