I am using an IPTV provider for channels streams. The stations url format is as follows: https://URL.xyz:443/play/random.letters/ts
But some channels are working and others are not. I am stumped at what is making UTM block some stations and not others !! The only difference in the link is the "random.letters" part.
Hi and welcome to the UTM Community!
Copy here a few lines from the Web Filtering log where a station is blocked.
Cheers - Bob
It isn't showing that it was blocked I guess, but it times out. There is no issue streaming when I take the firewall off.
2021:10:19-14:01:48 UTM httpproxy[5108]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.3.92" dstip="URL.IP" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="6834" request="0xd55b5500" url="https://URL.xyz/" referer="" error="" authtime="0" dnstime="7" aptptime="149" cattime="0" avscantime="0" fullreqtime="379765" device="0" auth="0" ua="" exceptions="av,auth,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size" 2021:10:19-14:02:10 UTM httpproxy[5108]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.3.92" dstip="URL.IP" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="6839" request="0xd9465500" url="https://URL.xyz/" referer="" error="" authtime="0" dnstime="13" aptptime="287" cattime="0" avscantime="0" fullreqtime="378286" device="0" auth="0" ua="" exceptions="av,auth,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size" 2021:10:19-14:02:33 UTM httpproxy[5108]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.3.92" dstip="URL.IP" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="6840" request="0xd8de6700" url="https://URL.xyz/" referer="" error="" authtime="0" dnstime="12" aptptime="319" cattime="0" avscantime="0" fullreqtime="358483" device="0" auth="0" ua="" exceptions="av,auth,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"
My VLC player log shows:
http error: local stream 1 error: Cancellation (0x8) gnutls error: TLS handshake error: Error in the push function. main error: TLS session handshake error main error: connection error: Interrupted function call access error: HTTP connection failure
We're looking for lines without action=pass. You'll probably also see statuscode="5. or statuscode="4. You might get some of these lines with:
cd /home grep 'statuscode="[45]' /var/log/http.log|more
Thank you BAlfson. Unfortunately I am not seeing any action=fail related to the IPTV link even though the channels in question are trying to stream but failing. . Opening traffic on the UTM clears all streams.
Without relevant lines from the log, it's hard to help you. A WAG would be to add a DNS Group for the FQDN to the Transparent mode skiplist on the 'Advanced' tab.