FIN packets with mod_proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Before I go too in-depth, my problem is that when I'm going through
the mod_proxy instance, the FIN packets get sent from a *different*
source port than the rest of the TCP transaction.  Thus both hosts
gets confused, packets are dropped and I cannot complete a
transaction.

# httpd -v
Server version: Apache/2.2.3
Server built:   Jan 15 2008 20:33:30

Here's my mod_proxy config...

<VirtualHost *>
    ServerName scmoseman
    ProxyRequests Off
    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>
    ProxyPass / http://remotehost:8000/path/
    ProxyPassReverse / http://remotehost:8000/path/
    <Location />
        Order allow,deny
        Allow from all
    </Location>
    RewriteEngine On
    RewriteCond %{REQUEST_URI} ^/path/(.*)
    RewriteRule ^/path/(.*) /$1 [R]
</VirtualHost>

An example of the problem:  When I attempt to login to the website,
the entire transaction is done through the source port 3965.  When it
comes time for the FIN ACK to close the connection, it's going out on
source port 4476.  remotehost asks for a RST, but since its on a
different port its rejected.  And I'm unable to login to the website.
(Just viewing the website in read-only mode works fine.)

When I attempt the same thing from the server directly using Firefox
and going to the remotehost URL direct, the entire TCP connection uses
a single source port (including the FIN ACK session).

Why would going through mod_proxy result in the FIN ACK changing
ports?  Is this a bug?  Am I missing a config option somewhere?

Thanks,
Scott

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux