Re: [users@httpd] Reverse DNS lookup issue - No access from WAN, but LAN works fine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



what do the default access and error logs say?

----- Original Message ----- From: "Vincent Lextrait" <lextrait@xxxxxxxx>
To: <users@xxxxxxxxxxxxxxxx>
Sent: Sunday, April 02, 2006 11:09 PM
Subject: Re: [users@httpd] Reverse DNS lookup issue - No access from WAN, but LAN works fine


Yes, I do.
Actually I noticed that my dummy web server works, but the reverse DNS query happens in that case too. But the external connection gets the proper TCP ack (right before the reverse DNS query). It never gets it from Apache. The SYN remains unanswered. ----- Original Message ----- From: "Emmanuel E" <emmanuel.e@xxxxxxx>
To: <users@xxxxxxxxxxxxxxxx>
Sent: Sunday, April 02, 2006 6:52 PM
Subject: Re: [users@httpd] Reverse DNS lookup issue - No access from WAN, but LAN works fine


Do you have a "Listen 80" directive somewhere in the conf file?
----- Original Message ----- From: "Vincent Lextrait" <lextrait@xxxxxxxx>
To: <users@xxxxxxxxxxxxxxxx>
Sent: Sunday, April 02, 2006 7:13 PM
Subject: [users@httpd] Reverse DNS lookup issue - No access from WAN, but LAN works fine


Hi all,
I am running Apache 2.0.55 for win32, without add-ons, on Windows XP Professional SP2, with firewall and anti spyware all deactivated. The conf file is very plain. The problem is that Apache, listening on port 80, does not accept connections from the WAN, only from the LAN. I have replaced Apache with a dumb little web server, also listening on port 80. It answers beautifully. This rules out (I think) any obvious router or ISP problem. Anyway, a sniffer (see further) shows traffic coming to the server. Apache does not show any booting error, and does not log any error. It does not log any traffic either, when it comes from the WAN. I have tried to deactivate mod_access in the conf file, and also tried to insert:

EnableSendfile Off
EnableMMAP Off
Win32DisableAcceptEx

to avoid any weird problem. The behavior is exactly the same.
In order to see if connections attempts were reaching my server (Joe), I've used WinDump (trace below). The trace shows that the server receives a SYN request from the external machine I am using to test the setup (I tried also several other ones, same thing). The second trace is a reverse DNS lookup, which is coming from Apache (although mod_access is deactivated). Apache tries to gather information on the external machine I assume. I do not understand why it does that. The third trace is the answer from the DNS (I am not aware of any DNS issue I would have, everything seems to work just fine). I do not know how to interpret the answer trace. After, no traffic is coming from Apache, and the external machine is retrying a few times, without any success and any further reverse DNS lookup from my machine. The connection is not finalized, Apache keeps ignoring the SYN requests. I've tried Ethereal to gather further information, but, for some mysterious reason, it does not display the reverse DNS lookups, only the SYNs. There is most likely something huge I am missing, or I made some wrong interpretation. The fact is that I am stuck at this stage.
I include an extract of my conf file at the end of this post.
Any help is highly welcome!
Thanks in advance,
Vincent

10:09:22.968821 IP 90.55.21.72.reverse.layeredtech.com.39142 > Joe.80: S 3993964586:3993964586(0) win 5840 <mss 1400,sackOK,timestamp 56209604 0,nop,wscale 2>
0x0000:  0080 ad05 3e1a 00a0 c522 2821 0800 4500  ....>...."(!..E.
0x0010:  003c a0ee 4000 2906 6f92 4815 375a c0a8  .<..@.).o.H.7Z..
0x0020:  0124 98e6 0050 ee0f 102a 0000 0000 a002  .$...P...*......
0x0030:  16d0 a4a7 0000 0204 0578 0402 080a 0359  .........x.....Y
0x0040:  b0c4 0000 0000 0103 0302                 ..........
10:09:23.444588 IP Joe.3044 > dns1.swip.net.53: 14727+ PTR? 90.55.21.72.in-addr.arpa. (42)
0x0000:  00a0 c522 2821 0080 ad05 3e1a 0800 4500  ..."(!....>...E.
0x0010:  0046 5c4f 0000 8011 19f6 c0a8 0124 82f4  .F\O.........$..
0x0020:  7fa1 0be4 0035 0032 0f64 3987 0100 0001  .....5.2.d9.....
0x0030:  0000 0000 0000 0239 3002 3535 0232 3102  .......90.55.21.
0x0040:  3732 0769 6e2d 6164 6472 0461 7270 6100  72.in-addr.arpa.
0x0050:  000c 0001                                ....
10:09:23.773839 IP dns1.swip.net.53 > Joe.3044: 14727 1/7/8 PTR[|domain]
0x0000:  0080 ad05 3e1a 00a0 c522 2821 0800 4500  ....>...."(!..E.
0x0010:  019a 0fd9 4000 f311 b217 82f4 7fa1 c0a8  ....@...........
0x0020:  0124 0035 0be4 0186 f081 3987 8180 0001  .$.5......9.....
0x0030:  0001 0007 0008 0239 3002 3535 0232 3102  .......90.55.21.
0x0040:  3732 0769 6e2d 6164 6472 0461 7270 6100  72.in-addr.arpa.
0x0050:  000c 0001 c00c 000c 0001 0001 27dd 0025  ............'..%
10:09:24.787670 IP Joe.3045 > dns1.swip.net.53: 20356+ PTR? 161.127.244.130.in-addr.arpa. (46)
0x0000:  00a0 c522 2821 0080 ad05 3e1a 0800 4500  ..."(!....>...E.
0x0010:  004a 5c50 0000 8011 19f1 c0a8 0124 82f4  .J\P.........$..
0x0020:  7fa1 0be5 0035 0036 eea2 4f84 0100 0001  .....5.6..O.....
0x0030:  0000 0000 0000 0331 3631 0331 3237 0332  .......161.127.2
0x0040:  3434 0331 3330 0769 6e2d 6164 6472 0461  44.130.in-addr.a
0x0050:  7270 6100 000c 0001                      rpa.....
10:09:24.987985 IP dns1.swip.net.53 > Joe.3045:  20356 1/5/8 (359)
0x0000:  0080 ad05 3e1a 00a0 c522 2821 0800 4500  ....>...."(!..E.
0x0010:  0183 0fda 4000 f311 b22d 82f4 7fa1 c0a8  ....@....-......
0x0020:  0124 0035 0be5 016f 9fc7 4f84 8180 0001  .$.5...o..O.....
0x0030:  0001 0005 0008 0331 3631 0331 3237 0332  .......161.127.2
0x0040:  3434 0331 3330 0769 6e2d 6164 6472 0461  44.130.in-addr.a
0x0050:  7270 6100 000c 0001 c00c 000c 0001 0000  rpa.............
10:09:25.967812 IP 90.55.21.72.reverse.layeredtech.com.39142 > Joe.80: S 3993964586:3993964586(0) win 5840 <mss 1400,sackOK,timestamp 56212604 0,nop,wscale 2>
0x0000:  0080 ad05 3e1a 00a0 c522 2821 0800 4500  ....>...."(!..E.
0x0010:  003c a0f0 4000 2906 6f90 4815 375a c0a8  .<..@.).o.H.7Z..
0x0020:  0124 98e6 0050 ee0f 102a 0000 0000 a002  .$...P...*......
0x0030:  16d0 98ef 0000 0204 0578 0402 080a 0359  .........x.....Y
0x0040:  bc7c 0000 0000 0103 0302                 .|........
10:09:31.968696 IP 90.55.21.72.reverse.layeredtech.com.39142 > Joe.80: S 3993964586:3993964586(0) win 5840 <mss 1400,sackOK,timestamp 56218604 0,nop,wscale 2>
0x0000:  0080 ad05 3e1a 00a0 c522 2821 0800 4500  ....>...."(!..E.
0x0010:  003c a0f2 4000 2906 6f8e 4815 375a c0a8  .<..@.).o.H.7Z..
0x0020:  0124 98e6 0050 ee0f 102a 0000 0000 a002  .$...P...*......
0x0030:  16d0 817f 0000 0204 0578 0402 080a 0359  .........x.....Y
0x0040:  d3ec 0000 0000 0103 0302                 ..........

Here is an the virtual host definitions extract from my conf file:

<VirtualHost 192.168.1.36:80>
   ServerAdmin lextrait@xxxxxxxx
   DocumentRoot C:/www/Aurinko
   ServerName www.aurinko.com
   ErrorLog logs/www.aurinko.com-error_log
   CustomLog logs/www.aurinko.com-access_log common
</VirtualHost>

<VirtualHost 192.168.1.36:80>
   ServerAdmin lextrait@xxxxxxxx
   DocumentRoot C:/www/Thomas
   ServerName thomas.lextrait.com
   ErrorLog logs/thomas.lextrait.com-error_log
   CustomLog logs/thomas.lextrait.com-access_log common
</VirtualHost>

<VirtualHost 192.168.1.36:80>
   ServerAdmin lextrait@xxxxxxxx
   DocumentRoot C:/www/Lextrait
   ServerName www.lextrait.com
   ErrorLog logs/www.lextrait.com-error_log
   CustomLog logs/www.lextrait.com-access_log common
</VirtualHost>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux