Re: [users@httpd] Reverse DNS lookup issue - No access from WAN, but LAN works fine

["Emmanuel E" <emmanuel.e@xxxxxxx>]

what do the default access and error logs say?

----- Original Message ----- 
From: "Vincent Lextrait" <lextrait@xxxxxxxx>
To: <users@xxxxxxxxxxxxxxxx>
Sent: Sunday, April 02, 2006 11:09 PM
Subject: Re: [users@httpd] Reverse DNS lookup issue - No access from WAN, 
but LAN works fine


> Yes, I do.
> Actually I noticed that my dummy web server works, but the reverse DNS 
> query happens in that case too. But the external connection gets the 
> proper TCP ack (right before the reverse DNS query). It never gets it from 
> Apache. The SYN remains unanswered.
> ----- Original Message ----- 
> From: "Emmanuel E" <emmanuel.e@xxxxxxx>
> To: <users@xxxxxxxxxxxxxxxx>
> Sent: Sunday, April 02, 2006 6:52 PM
> Subject: Re: [users@httpd] Reverse DNS lookup issue - No access from WAN, 
> but LAN works fine
>
>
> > Do you have a "Listen 80" directive somewhere in the conf file?
> > ----- Original Message ----- 
> > From: "Vincent Lextrait" <lextrait@xxxxxxxx>
> > To: <users@xxxxxxxxxxxxxxxx>
> > Sent: Sunday, April 02, 2006 7:13 PM
> > Subject: [users@httpd] Reverse DNS lookup issue - No access from WAN, but 
> > LAN works fine
> >
> >
> > > Hi all,
> > > I am running Apache 2.0.55 for win32, without add-ons, on Windows XP 
> > > Professional SP2, with firewall and anti spyware all deactivated. The 
> > > conf file is very plain.
> > > The problem is that Apache, listening on port 80, does not accept 
> > > connections from the WAN, only from the LAN. I have replaced Apache with 
> > > a dumb little web server, also listening on port 80. It answers 
> > > beautifully. This rules out (I think) any obvious router or ISP problem. 
> > > Anyway, a sniffer (see further) shows traffic coming to the server.
> > > Apache does not show any booting error, and does not log any error. It 
> > > does not log any traffic either, when it comes from the WAN.
> > > I have tried to deactivate mod_access in the conf file, and also tried 
> > > to insert:
> > >
> > > EnableSendfile Off
> > > EnableMMAP Off
> > > Win32DisableAcceptEx
> > >
> > > to avoid any weird problem. The behavior is exactly the same.
> > > In order to see if connections attempts were reaching my server (Joe), 
> > > I've used WinDump (trace below). The trace shows that the server 
> > > receives a SYN request from the external machine I am using to test the 
> > > setup (I tried also several other ones, same thing).
> > > The second trace is a reverse DNS lookup, which is coming from Apache 
> > > (although mod_access is deactivated). Apache tries to gather information 
> > > on the external machine I assume. I do not understand why it does that.
> > > The third trace is the answer from the DNS (I am not aware of any DNS 
> > > issue I would have, everything seems to work just fine). I do not know 
> > > how to interpret the answer trace.
> > > After, no traffic is coming from Apache, and the external machine is 
> > > retrying a few times, without any success and any further reverse DNS 
> > > lookup from my machine. The connection is not finalized, Apache keeps 
> > > ignoring the SYN requests.
> > > I've tried Ethereal to gather further information, but, for some 
> > > mysterious reason, it does not display the reverse DNS lookups, only the 
> > > SYNs.
> > > There is most likely something huge I am missing, or I made some wrong 
> > > interpretation. The fact is that I am stuck at this stage.
> > > I include an extract of my conf file at the end of this post.
> > > Any help is highly welcome!
> > > Thanks in advance,
> > > Vincent
> > >
> > > 10:09:22.968821 IP 90.55.21.72.reverse.layeredtech.com.39142 > Joe.80: S 
> > > 3993964586:3993964586(0) win 5840 <mss 1400,sackOK,timestamp 56209604 
> > > 0,nop,wscale 2>
> > > 0x0000:  0080 ad05 3e1a 00a0 c522 2821 0800 4500  ....>...."(!..E.
> > > 0x0010:  003c a0ee 4000 2906 6f92 4815 375a c0a8  .<..@.).o.H.7Z..
> > > 0x0020:  0124 98e6 0050 ee0f 102a 0000 0000 a002  .$...P...*......
> > > 0x0030:  16d0 a4a7 0000 0204 0578 0402 080a 0359  .........x.....Y
> > > 0x0040:  b0c4 0000 0000 0103 0302                 ..........
> > > 10:09:23.444588 IP Joe.3044 > dns1.swip.net.53:  14727+ PTR? 
> > > 90.55.21.72.in-addr.arpa. (42)
> > > 0x0000:  00a0 c522 2821 0080 ad05 3e1a 0800 4500  ..."(!....>...E.
> > > 0x0010:  0046 5c4f 0000 8011 19f6 c0a8 0124 82f4  .F\O.........$..
> > > 0x0020:  7fa1 0be4 0035 0032 0f64 3987 0100 0001  .....5.2.d9.....
> > > 0x0030:  0000 0000 0000 0239 3002 3535 0232 3102  .......90.55.21.
> > > 0x0040:  3732 0769 6e2d 6164 6472 0461 7270 6100  72.in-addr.arpa.
> > > 0x0050:  000c 0001                                ....
> > > 10:09:23.773839 IP dns1.swip.net.53 > Joe.3044:  14727 1/7/8 
> > > PTR[|domain]
> > > 0x0000:  0080 ad05 3e1a 00a0 c522 2821 0800 4500  ....>...."(!..E.
> > > 0x0010:  019a 0fd9 4000 f311 b217 82f4 7fa1 c0a8  ....@...........
> > > 0x0020:  0124 0035 0be4 0186 f081 3987 8180 0001  .$.5......9.....
> > > 0x0030:  0001 0007 0008 0239 3002 3535 0232 3102  .......90.55.21.
> > > 0x0040:  3732 0769 6e2d 6164 6472 0461 7270 6100  72.in-addr.arpa.
> > > 0x0050:  000c 0001 c00c 000c 0001 0001 27dd 0025  ............'..%
> > > 10:09:24.787670 IP Joe.3045 > dns1.swip.net.53:  20356+ PTR? 
> > > 161.127.244.130.in-addr.arpa. (46)
> > > 0x0000:  00a0 c522 2821 0080 ad05 3e1a 0800 4500  ..."(!....>...E.
> > > 0x0010:  004a 5c50 0000 8011 19f1 c0a8 0124 82f4  .J\P.........$..
> > > 0x0020:  7fa1 0be5 0035 0036 eea2 4f84 0100 0001  .....5.6..O.....
> > > 0x0030:  0000 0000 0000 0331 3631 0331 3237 0332  .......161.127.2
> > > 0x0040:  3434 0331 3330 0769 6e2d 6164 6472 0461  44.130.in-addr.a
> > > 0x0050:  7270 6100 000c 0001                      rpa.....
> > > 10:09:24.987985 IP dns1.swip.net.53 > Joe.3045:  20356 1/5/8 (359)
> > > 0x0000:  0080 ad05 3e1a 00a0 c522 2821 0800 4500  ....>...."(!..E.
> > > 0x0010:  0183 0fda 4000 f311 b22d 82f4 7fa1 c0a8  ....@....-......
> > > 0x0020:  0124 0035 0be5 016f 9fc7 4f84 8180 0001  .$.5...o..O.....
> > > 0x0030:  0001 0005 0008 0331 3631 0331 3237 0332  .......161.127.2
> > > 0x0040:  3434 0331 3330 0769 6e2d 6164 6472 0461  44.130.in-addr.a
> > > 0x0050:  7270 6100 000c 0001 c00c 000c 0001 0000  rpa.............
> > > 10:09:25.967812 IP 90.55.21.72.reverse.layeredtech.com.39142 > Joe.80: S 
> > > 3993964586:3993964586(0) win 5840 <mss 1400,sackOK,timestamp 56212604 
> > > 0,nop,wscale 2>
> > > 0x0000:  0080 ad05 3e1a 00a0 c522 2821 0800 4500  ....>...."(!..E.
> > > 0x0010:  003c a0f0 4000 2906 6f90 4815 375a c0a8  .<..@.).o.H.7Z..
> > > 0x0020:  0124 98e6 0050 ee0f 102a 0000 0000 a002  .$...P...*......
> > > 0x0030:  16d0 98ef 0000 0204 0578 0402 080a 0359  .........x.....Y
> > > 0x0040:  bc7c 0000 0000 0103 0302                 .|........
> > > 10:09:31.968696 IP 90.55.21.72.reverse.layeredtech.com.39142 > Joe.80: S 
> > > 3993964586:3993964586(0) win 5840 <mss 1400,sackOK,timestamp 56218604 
> > > 0,nop,wscale 2>
> > > 0x0000:  0080 ad05 3e1a 00a0 c522 2821 0800 4500  ....>...."(!..E.
> > > 0x0010:  003c a0f2 4000 2906 6f8e 4815 375a c0a8  .<..@.).o.H.7Z..
> > > 0x0020:  0124 98e6 0050 ee0f 102a 0000 0000 a002  .$...P...*......
> > > 0x0030:  16d0 817f 0000 0204 0578 0402 080a 0359  .........x.....Y
> > > 0x0040:  d3ec 0000 0000 0103 0302                 ..........
> > >
> > > Here is an the virtual host definitions extract from my conf file:
> > >
> > > <VirtualHost 192.168.1.36:80>
> > >    ServerAdmin lextrait@xxxxxxxx
> > >    DocumentRoot C:/www/Aurinko
> > >    ServerName www.aurinko.com
> > >    ErrorLog logs/www.aurinko.com-error_log
> > >    CustomLog logs/www.aurinko.com-access_log common
> > > </VirtualHost>
> > >
> > > <VirtualHost 192.168.1.36:80>
> > >    ServerAdmin lextrait@xxxxxxxx
> > >    DocumentRoot C:/www/Thomas
> > >    ServerName thomas.lextrait.com
> > >    ErrorLog logs/thomas.lextrait.com-error_log
> > >    CustomLog logs/thomas.lextrait.com-access_log common
> > > </VirtualHost>
> > >
> > > <VirtualHost 192.168.1.36:80>
> > >    ServerAdmin lextrait@xxxxxxxx
> > >    DocumentRoot C:/www/Lextrait
> > >    ServerName www.lextrait.com
> > >    ErrorLog logs/www.lextrait.com-error_log
> > >    CustomLog logs/www.lextrait.com-access_log common
> > > </VirtualHost>
> > >
> > >
> > > ---------------------------------------------------------------------
> > > The official User-To-User support forum of the Apache HTTP Server 
> > > Project.
> > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> > >   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> > > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server 
> > Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> >   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx