AW: AW: Problem with Apache in Jail

Scheithauer, Lars (FH) Lars.Scheithauer at fh-heidelberg.de
Fri Nov 20 06:49:37 UTC 2009 

Hi Bastien,

I've set up the jail after this guide[1] of the FreeBSD handbook.

A firewall is not active (yet), since I first wanted the jail to work.

If I telnet to the server from the inside (DNS and IP), I can get a valid response. If I telnet to the servers ip from the outside, too. However, as soon as I try to get the files of a specific hostname, I get a timeout (more specifically, I can connect to the server, but it won't give any single packet back, according to wireshark).

I don't get the problem and honestly don't know where to look anymore. If it would be an apache config problem, it should not work from the inside, too. If it's a jail problem, I don't know what else to activate (even tried to allow raw sockets). The problem is also persistent with the apache20-installation.

For the logfiles: I do get an entry, if I get something back from the server. If I don't get anything back from the server, I don't get an entry.

Best regards,
Lars

_______________________________________________________________________
[1] http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-application.html



-----Ursprüngliche Nachricht-----
Von: owner-freebsd-jail at freebsd.org [mailto:owner-freebsd-jail at freebsd.org] Im Auftrag von Bastien Semene
Gesendet: Donnerstag, 19. November 2009 17:50
Cc: freebsd-jail at freebsd.org
Betreff: Re: AW: Problem with Apache in Jail

Hi Lars,

How did you installed the jail system ?

Have you a firewall activated, what does the logs say ?

What a telnet says ?
In my access.log I have the following line (401 because it needs 
authentication) :
x.y.z.a - - [19/Nov/2009:17:47:36 +0100] "HEAD / HTTP/1.1" 401 - "-" "-"

telnet w/ HTTP :

$ telnet freebsd.org 80
Trying 69.147.83.40...
Connected to freebsd.org.
Escape character is '^]'.
HEAD / HTTP/1.1
Host: www.freebsd.org

HTTP/1.1 301 Moved Permanently
Location: http://www.freebsd.org/
Date: Thu, 19 Nov 2009 16:44:54 GMT
Server: httpd/1.4.x Gualala

Connection closed by foreign host.

Best Regards,

Scheithauer, Lars (FH) a écrit :
> On a follow-up:
> I just recognized, that I may access the vhost correctly from the server itself via lynx, but I am still unable to access any vhost from the outside (I can access the default by ip, though).
>
>
>
>
> -----Ursprüngliche Nachricht-----
> Von: owner-freebsd-jail at freebsd.org [mailto:owner-freebsd-jail at freebsd.org] Im Auftrag von Scheithauer, Lars (FH)
> Gesendet: Mittwoch, 18. November 2009 16:11
> An: Miroslav Lachman
> Cc: freebsd-jail at freebsd.org
> Betreff: AW: Problem with Apache in Jail
>
> Hi Miroslav,
>
> the system is a FreeBSD 8.0-rc3 with apache22.
>
> nslookup is working fine - I did not enter the vhosts name into the /etc/hosts before, but even adding it doesn't change the problem.
>
> Any other ideas I might check out?
>
> Best Regards,
> Lars
>
>
>
> -----Ursprüngliche Nachricht-----
> Von: Miroslav Lachman [mailto:000.fbsd at quip.cz] 
> Gesendet: Mittwoch, 18. November 2009 15:44
> An: Scheithauer, Lars (FH)
> Cc: freebsd-jail at freebsd.org
> Betreff: Re: Problem with Apache in Jail
>
> Scheithauer, Lars (FH) wrote:
>   
>> Hi everyone,
>>
>> I've started to install an apache22 in a freebsd-jail and have a
>> problem. The jail has a public ip address, so from what I know, I
>> wouldn't have to forward any packages to it. I can reach the apache22
>> server by ip-address, but not by its DNS - the connection gets
>> "disrupted". I can successfully nslookup the DNS and if I watch the
>> traffic of the browser via wireshark, I see that it sends packages to
>> the server, but the server doesn't send any packages back. I also do not
>> find any traces of the connection attempt in the apache-logs.
>>
>> The config-files of the apache are correct and read (tested by entering
>> some false configs and the server refused to start afterwards - and as
>> said I'm able to access it by its ip).
>>
>>
>>
>> Now, is there any way that this could be caused by the jail?
>>     
>
> You did not post what version and architecture you are using...
> But I am runing several jails with Apache or Lighttpd without any issues 
> (on 6.3 i386 and 7.2 i386 + amd64).
> So I expect some misconfiguration on your side.
>
> Are you sure you have correct DNS entries pointing to right IP and you 
> have working resolv.conf inside jail? What about /etc/hosts?
>
> Miroslav Lachman
> _______________________________________________
> freebsd-jail at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-jail
> To unsubscribe, send any mail to "freebsd-jail-unsubscribe at freebsd.org"
> _______________________________________________
> freebsd-jail at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-jail
> To unsubscribe, send any mail to "freebsd-jail-unsubscribe at freebsd.org"
>
>   

-- 
Bastien Semene
Administrateur Réseau & Système

admin at cyanide-studio.com
+33 (0)1 47 86 30 80

Cyanide S.A.
5, Boulevard des Bouvets
92000 Nanterre - FRANCE

_______________________________________________
freebsd-jail at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "freebsd-jail-unsubscribe at freebsd.org"

More information about the freebsd-jail mailing list