Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
[SOLVED] PR_END_OF_FILE_ERROR when browsing to any protonmail site
« previous
next »
Print
Pages: [
1
]
Author
Topic: [SOLVED] PR_END_OF_FILE_ERROR when browsing to any protonmail site (Read 4045 times)
themadwizard
Newbie
Posts: 14
Karma: 0
[SOLVED] PR_END_OF_FILE_ERROR when browsing to any protonmail site
«
on:
June 22, 2023, 03:34:04 am »
Earlier this week, I started getting PR_END_OF_FILE_ERROR from FireFox when trying to go to protonmail and I have seen it on a couple of other random sites. No device on my network is able to load protonmail, not from any browser, phone, or app. I have tried disabling AV, etc., to no avail. I updated the firewall to OPNsense 23.1.9-amd64 hoping that might resolve it, but the issue persists. If I take my devices off my network, they can connect fine. The common point is the firewall. Does anyone have any ideas of what I can do to resolve this? I have added the various proton* sites to the SSL no bump list, but no change. I can nslookup the proton sites and ping them with no trouble.
Thoughts?
«
Last Edit: June 29, 2023, 03:39:27 am by themadwizard
»
Logged
zan
Full Member
Posts: 175
Karma: 31
Re: PR_END_OF_FILE_ERROR when browsing to any protonmail site, plus random others
«
Reply #1 on:
June 22, 2023, 04:58:12 am »
Sounds like SSL problem. Have you tried direct connection without proxy? Using different browser?
Logged
themadwizard
Newbie
Posts: 14
Karma: 0
Re: PR_END_OF_FILE_ERROR when browsing to any protonmail site, plus random others
«
Reply #2 on:
June 22, 2023, 05:37:27 am »
I haven't tried a direct connection without a proxy, as that will take the whole site down. I might do that late tonight.
As far as browsers, I have tried it in Firefox and Chrome (normal and incognito/private) on multiple windows computers, Firefox on Android, the Protonmail Android app, the Proton Drive Android app, all with the same results of being unable to connect to the site. If I disable the wifi on my phone, Proton Mail works immediately.
Logged
themadwizard
Newbie
Posts: 14
Karma: 0
Re: PR_END_OF_FILE_ERROR when browsing to any protonmail site, plus random others
«
Reply #3 on:
June 23, 2023, 09:14:36 am »
Well, I have confirmed it, it is something with the proxy server. I disabled the rules forcing SSL traffic to the proxy server, and I was able to connect to protonmail sites. As soon as I re-enabled the rules (rules that have been in place for years), I was no longer able to go to the sites.
Any thoughts as to where I should start looking in the proxy server?
Logged
zan
Full Member
Posts: 175
Karma: 31
Re: PR_END_OF_FILE_ERROR when browsing to any protonmail site, plus random others
«
Reply #4 on:
June 23, 2023, 04:30:15 pm »
Are you using Squid proxy?
Might need to check your Squid's CA certificate if it still valid, also try running "curl -v" from one of your clients to get more verbose error messages.
Logged
themadwizard
Newbie
Posts: 14
Karma: 0
Re: PR_END_OF_FILE_ERROR when browsing to any protonmail site, plus random others
«
Reply #5 on:
June 29, 2023, 03:38:05 am »
Thanks for the curl -v tip. I had tried curl with other options, but not that one. Following that trail led me to running curl -t
http://proton.me/mail
and getting an Access Control List bock error. There is no reason whatsoever that proton should be in an ACL, but after whitelisting it (I had already whitelisted everything but proton.me) and bouncing Squid, I am able to access it again.
It appears that the UT1 list added proton.me to their VPN category, even though that domain is used for ALL of Proton's services.
Logged
Marcel_75
Full Member
Posts: 177
Karma: 5
Re: [SOLVED] PR_END_OF_FILE_ERROR when browsing to any protonmail site
«
Reply #6 on:
October 07, 2023, 01:01:32 am »
I know this was already marked as solved, but the "PR_END_OF_FILE_ERROR" gave me also some nuts today, so I've found this thread and also got 'an idea' what's going wrong.
On my setup it wasn't a proxy server but
Zenarmor
.
It's very important to know – also if you 'whitelist' a domain in Services / BIND / Configuration / DNSBL / Whitelist Domains or Services / Unbound DNS / Blocklist / Whitelist Domains (or also in Adguard Home), Zenarmor could still
block domains
!
If you go to Zenarmor / Live Sessions / Blocks you will see all blocked domains -> here you can 'allow' the wrongly blocked hostname globally and also 'send this re-categorization as a feedback to Zenarmor Team to improve web categorization' if you want.
That's it.
«
Last Edit: October 07, 2023, 01:04:42 am by Marcel_75
»
Logged
The fact that we live at the bottom of a deep gravity well, on the surface of a gas covered planet going around a nuclear fireball 90 million miles away and think this to be normal is obviously some indication of how skewed our perspective tends to be. (Douglas Adams)
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
[SOLVED] PR_END_OF_FILE_ERROR when browsing to any protonmail site