At the weekend I decided to make a major update to the photo gallery, since a large number of photos weren’t up yet. Although a bit clunky, the gallery software I was using (Gallery2) did the job nicely – and it even has an accompanying desktop app which lets you upload photos en masse.
But at the weekend it refused to upload anything successfully, complaining about PHP and web server upload limits – things over which I have no control. So I went back to using the clunky web interface to upload my photos, only to be greeted by the useless “Internet Explorer cannot display the webpage” page on each attempt.
Things didn’t look good. So I decided to download a cleaner-looking and simpler gallery application (Plogger) to give it a go. Still no luck.
Having ruled out the problem being Gallery2, I decided my website host had changed some things on their side. A quick Google later, and I realised that I couldn’t upload anything more than small text files to any server. So it’s not my website host.
Good job I didn’t send them that email.
But wait, I can upload files to the gallery using a machine on the other side of the corporate VPN… which uses the corporate Internet connection. So it must be my ISP. It must be. Surely? After another quick Google, I read that a number of ISPs have been caught sending fake TCP reset packets to their users so that ‘undesirable’ connections (ie. file sharing applications) are disconnected.
Knowing how to troubleshoot this kind of problem, I proceed to download Wireshark, a network protocol analyzer (formerly Ethereal). Sure enough, each time I try to upload a .jpeg or .bmp or… in fact almost any type of file, I receive a TCP RST message – surely the fake reset message sent to me by my interfering ISP!
However, it seems that my ISP is blameless after all.
It turns out the latest firmware for my Draytek 2800 router adds an innocent-looking option called “Drop non-http connection on TCP port 80″ which is enabled by default. I feel it should be more accurately called “break everything”. Disabling it fixed the problem, but it took an entire lunch break.
