>Number: 2731 >Category: mod_proxy >Synopsis: Proxy server process using incorrect IP intermittently when >accessing other virtual servers. >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Tue Jul 28 13:10:01 PDT 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3.0 >Environment: Solaris 2.6 x86
uname -a == "SunOS goat 5.6 Generic i86pc i386 i86pc" >Description: My Solaris box (goat) is using multiple IP addresses with the same physical ethernet interface. Routes have been deleted such that all outgoing requests go through the main interface (goat.heurikon.com). Apache is configured with multiple virtual hosts, each with its own IP address. The machine's main IP is configured to be a proxy server on port 8080. Other virtual hosts include www.johnstewart.com and www.coldboot.com, each with its own IP. When using the Apache proxy to other web servers, they correctly see goat.heurikon.com as the source address. However, when accessing another one of the virtual servers on the same machine, it will sometimes correctly see it as coming from goat.heurikon.com and sometimes from the hostname corresponding to the virtual server you are accessing. As an example, here is the log corresponding to a two loads of www.coldboot.com: www.coldboot.com - - [28/Jul/1998:14:53:55 -0500] "GET / HTTP/1.0" 304 - www.coldboot.com - - [28/Jul/1998:14:53:56 -0500] "GET /top.html HTTP/1.0" 304 - www.coldboot.com - - [28/Jul/1998:14:53:56 -0500] "GET /bottom.html HTTP/1.0" 304 - www.coldboot.com - - [28/Jul/1998:14:53:57 -0500] "GET /menu.html HTTP/1.0" 304 - goat.heurikon.com - - [28/Jul/1998:14:53:57 -0500] "GET /main.html HTTP/1.0" 304 - www.coldboot.com - - [28/Jul/1998:14:53:57 -0500] "GET /pics/back.gif HTTP/1.0" 304 - www.coldboot.com - - [28/Jul/1998:14:54:09 -0500] "GET / HTTP/1.0" 304 - www.coldboot.com - - [28/Jul/1998:14:54:10 -0500] "GET /top.html HTTP/1.0" 304 - goat.heurikon.com - - [28/Jul/1998:14:54:10 -0500] "GET /bottom.html HTTP/1.0" 304 - www.coldboot.com - - [28/Jul/1998:14:54:11 -0500] "GET /menu.html HTTP/1.0" 304 - goat.heurikon.com - - [28/Jul/1998:14:54:11 -0500] "GET /pics/back.gif HTTP/1.0" 304 - www.coldboot.com - - [28/Jul/1998:14:54:11 -0500] "GET /main.html HTTP/1.0" 304 - The client was the same machine, using goat.heurikon.com as the proxy server. I wouldn't have noticed this problem if /server-status hadn't been restricted to heurikon.com and I tried loading it from one of the other virtual servers. It is usually denied, sometimes nore. Seems to be about a 1 to 4 ratio. I was unable to ascertain a pattern. I can provide further information on request - I'd be glad to provide my config files if that will help! John Stewart Network/Security Admin Artesyn Technologies [EMAIL PROTECTED] >How-To-Repeat: Not sure if it's a Solaris specfic problem or not... >Fix: Nope. >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]
