Hi, thanks for yor help.
I can't find a solution. But i have find a starnge ip config. in rc.conf on Host(not jail) ifconfig_vmx0_alias1="inet 192.168.100.2 netmask 255.255.255.0" ifconfig_em0="inet 213.70.80.92 netmask 255.255.255.0" ifconfig on host say: inet 213.70.80.92 netmask 0xffffffff broadcast 213.70.80.92 inet 192.168.100.2 netmask 0xffffffff broadcast 192.168.100.2 ifconfig say to both ip's /32. Maby that's the reason for unavailable the apache. ifconfig iside the jail say the same. I'm a little bit confused. Am 23.03.2018 um 17:41 schrieb Miroslav Lachman: > Joerg Surmann wrote on 2018/03/23 17:14: >> tail -f /var/log/httpd-access.log >> 192.168.100.2 - - [23/Mar/2018:13:12:10 +0000] "OPTIONS * HTTP/1.0" >> 200 - >> 192.168.100.2 - - [23/Mar/2018:15:12:02 +0000] "OPTIONS * HTTP/1.0" >> 200 - >> 213.70.80.92 - - [23/Mar/2018:15:33:07 +0000] "OPTIONS * HTTP/1.0" 200 - >> 213.70.80.92 - - [23/Mar/2018:15:33:08 +0000] "OPTIONS * HTTP/1.0" 200 - >> 213.70.80.92 - - [23/Mar/2018:15:33:09 +0000] "OPTIONS * HTTP/1.0" 200 - >> 213.70.80.92 - - [23/Mar/2018:15:35:37 +0000] "GET / HTTP/1.1" 302 209 >> 213.70.80.92 - - [23/Mar/2018:15:35:44 +0000] "OPTIONS * HTTP/1.0" 200 - >> 213.70.80.92 - - [23/Mar/2018:15:35:45 +0000] "OPTIONS * HTTP/1.0" 200 - >> 213.70.80.92 - - [23/Mar/2018:15:35:46 +0000] "OPTIONS * HTTP/1.0" 200 - >> 213.70.80.92 - - [23/Mar/2018:15:58:05 +0000] "GET / HTTP/1.1" 302 209 > > How did you do the request from 213.70.80.92? It was made from > localhost where Apache runs? > >> jls -v >> JID Hostname Path >> Name State >> CPUSetID >> IP Address(es) >> >> 2 apache24 /usr/jails/apache24 >> apache24 ACTIVE >> 3 >> 192.168.100.2 >> 213.70.80.92 > > Looks good > >> jls -s >> >> devfs_ruleset=0 enforce_statfs=2 host=new ip4=disable ip6=disable >> jid=2 name=apache24 osreldate=1101001 osrelease=11.1-RELEASE >> path=/usr/jails/apache24 nopersist securelevel=-1 sysvmsg=disable >> sysvsem=disable sysvshm=disable allow.nochflags allow.mount >> allow.mount.nodevfs allow.mount.nofdescfs allow.mount.nolinprocfs >> allow.mount.nolinsysfs allow.mount.nonullfs allow.mount.noprocfs >> allow.mount.notmpfs allow.mount.nozfs allow.noquotas >> allow.raw_sockets allow.noset_hostname allow.nosocket_af >> allow.nosysvipc children.max=0 host.domainname="" host.hostid=0 >> host.hostname=apache24 >> host.hostuuid=00000000-0000-0000-0000-000000000000 > > This is strange. You have ip4=disable ip6=disable. My jails have > "ip4=new ip6=disable" > And you don't have ip4.addr at all. I have ip4.addr=172.16.16.2 for > example > > Miroslav Lachman > > >> Am 23.03.2018 um 16:58 schrieb Miroslav Lachman: >>> Joerg Surmann wrote on 2018/03/23 16:45: >>>> Thanks for replay. >>>> >>>> netstat -an | egrep 'tcp4.*80 .*LISTEN' >>>> say: >>>> netstat: kvm not available: /dev/mem No such file or directory <- is >>>> inside a jail. >>>> tcp4 0 0 *.80 *.* LISTEN >>>> >>>> grep -i Listen /usr/local/etc/apache24/httpd.conf >>>> >>>> Listen 80 >>>> Listen 443 >>>> >>>> From the internal IP is no Problem. >>>> You are right. I'm not sure on wich IP's Apache is listening. >>>> >>>> I have change the Listen directive to the external IP in httpd.conf >>>> Listen 213.70.80.92:80 >>>> >>>> netstat -an | egrep 'tcp4.*80 .*LISTEN' >>>> now say: >>>> tcp4 0 0 213.70.80.92:80 *.* LISTEN >>>> >>>> But apache is not availble from Internet. >>>> From Intranet... no Problem. >>>> >>>> When i use tcpdump on Host i can see Traffic. >>>> >>>> Whats wrong? >>> >>> That's strange. >>> >>> Listen 80 and Listen 443 is OK, it is the same as >>> Listen *:80 >>> Listen *:443 >>> and as you see with netstat, Apache was listening on both IPs: >>> *.80 *.* LISTEN >>> >>> Do you have something listening on port 80 in the Host? >>> >>> What netstat shows in the host? >>> >>> Also check Apache log files. If you didn't configure virtual host, >>> then you have just these two log files: >>> /var/log/httpd-access.log >>> /var/log/httpd-error.log >>> >>> Use tail and then try to access your website from the internet >>> >>> # tail -f /var/log/httpd-*.log >>> >>> Please send what "jls -v" in the Host will show you. (there should >>> be 2 IPs for your jail) or "jls -s" (replace any sensitive >>> informations if you want) >>> >>> And move this discussion to proper mailing list: >>> [email protected] >>>
signature.asc
Description: OpenPGP digital signature
