Chris,

Thanks.  I installed the patch which you suggested.  The
tunnel nows works.  The performance is sluggish though.
I'm sure it's caused by all the overhead of the GET and POST
operations.

Do you suspect the alternate suggestion might help the performance?

Jim


"Conti, Chris" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> If you refer to BUG 19954:
> http://nagoya.apache.org/bugzilla/show_bug.cgi?id=19954
> This looks like the issue I was trying to patch.  In the current 2.x
> codebase, the reverse proxy will effectively cache traffic until it has
8000
> bytes to send.  According to Jeff Trawick, the caching effect is not an
> intended behavior, rather it is a network optimization that just happens
to
> break tunneling of non-http traffic.
>
> I've been swamped at work for the last few months, and have not had time
yet
> to rework my proposed patch based on the feedback in the bugzilla report;
> but I believe the patch as proposed will solve your immediate issue. Of
> course, feel free to rework the patch if you feel up to it!
>
>
> ---------------------------------------------------------
> Chris Conti
> mailto://[EMAIL PROTECTED]
> mailto://[EMAIL PROTECTED]
>
>
> If at first you do succeed, try not to look astonished.
>
>
> -----Original Message-----
> From: Jim Duda [mailto:[EMAIL PROTECTED]
> Sent: Thursday, March 04, 2004 9:41 PM
> To: [EMAIL PROTECTED]
> Subject: reverseproxy using httptunnel
>
> I'm trying to use GNU httptunnel
> (http://www.nocrew.org/software/httptunnel.html)
> behind apache using the reverseproxy feature.  Apache version 2.0.48
>
> I have reverseproxy working, as I have another machine behind apache using
> this feature serving up html pages properly.  Works great.
>
> I have apache running on my firewall.  I only have 1 single common port
> between my firewall and my client.  I only have port 443 to work with.
> I'm using port 443 with basic http.  I need apache to server web pages,
but
> I also need other non-web services.  At first, I just want to get a telnet
> client working, but hope to migrate to ssh later.  I'm aware of the
security
> issues this imposes.  My firewall is setup to only allow a client
connection
> on port 443 from the allowable location.
>
> My httpd.conf has the following - among other things (-:
>
> Listen 443
> <VirtualHost *>
>   ServerName <myserver>.com
>   ProxyPass / http://localhost:8888/
>   ProxyPassReverse / http://localhost:8888/ </VirtualHost>
>
> I run the httptunnel server on the firewall machine.
> hts -F localhost:23
>
> I run the httptunnel client on the client side.
> htc -F localhost:8000 <myserver>.com:443
>
> On the client, I issue:
> telnet localhost 8000.
>
> On the server, I've used ethereal to watch the traffic.
> I see the client open a connection with apache on 443.
> I see apache open a connection with the hts server on port 8888.
> I see the hts server open a connection on port 23.
> I see the client send a POST and GET through apache to the httptunnel
server
> on port 8888.
> The telnet port sends stuff to the httptunnel server port.
>
> The httptunnel server responds to the GET command with
> 15 bytes using 3 separate TCP packets back to the apache server.
>
> 0 (0000  02                                                .) putline
> 0 (0000  00 0c                                             ..) putline
> 0 (0000  ff fd 18 ff fd 20 ff fd 23 ff fd 27               ..... ..#..')
> putline
>
> I believe these 15 bytes are the beginning of the telnet negotiation.
>
> I never see the 15 bytes comes out of the apache server on the otherside
of
> the firewall towards the client.  The client side is stopped waiting for a
> response.
>
> I've turned on apache debugging and then used the printf debugging
approach
> and found I'm stuck inside proxy_http.
>
> I get the debug message
> "proxy: start body send" in logs/error_log
>
> I'm stuck in proxy_http.c, line 928
>                 while (ap_get_brigade(rp->input_filters,
>                                       bb,
>                                       AP_MODE_READBYTES,
>                                       APR_BLOCK_READ,
>                                       conf->io_buffer_size) ==
APR_SUCCESS)
> {
>
> The ap_get_brigade function never returns, and I'm stuck here.
>
> I get through this loop three times, before the httptunnel stops sending
> data, then I'm stuck.  The client needs to receive these bytes and
transmit
> to the server again before the server will send any more data.
>
> Am what I'm attempting completely wacked?
>
> Can anyone offer any pointers on what to look for next?
>
> I will continue to debug further.
>
> Thanks,
>
> Jim
>
>
>
>
>



Reply via email to