Re: [Pound Mailing List] Current development status
I haven't posted much to the list so far but have tried to help out once or twice when I know the answer to a question, and have had questions of my own.. all of which have been answered. I also started a Puppet module a while back which I am using in production, it has more added to it than the one I announced before and needs a bit of polish, I will try and get it in a nice enough state to show. Overall, Pound *rocks* it's one of a few peices of Free Software which truly shine, it does exactly what it's supposed to do and it does it exceptionally well. +1 for github On tis 18 jun 2013 17:35:00, Joe Gooch wrote: Seems like I didn't have to chime in. :) Robert Segall is the maintainer... I haven't heard from him in awhile; I know his life is very busy. He has put out v2.7b which is the next beta branch. I maintain a github project with the source code at http://github.com/goochjj/pound/ Branches of note would be what Andreas posted from the prior thread, reposted here: My suggestion to anyone who needs PCI-DSS compliance is to run my branch here: https://github.com/goochjj/pound/tree/stage_for_upstream/v2.7b Zip here: https://github.com/goochjj/pound/archive/stage_for_upstream/v2.7b.zip This is based on 2.7b, and includes a bunch of patches that I usually include in pound, to do things like SNI, CertDir includes, IncludeDir, PCRE redirects, etc. If you don't feel comfortable running a 2.7 branch, or don't want to include those patches, I've rolled a new branch: https://github.com/goochjj/pound/tree/pcidss/v2.6 Zip here: https://github.com/goochjj/pound/archive/pcidss/v2.6.zip Which includes only the XSRF, SSLv2, SSL compression and cipher enhancements against a 2.6 baseline. My overall goal for Pound is I feel it's a great product that does exactly what it's designed to do, no less, no more. It's stable and I use it in multiple production environments for load balancing and SSL termination. Any features it hasn't been able to do, I've added over the years. It's also a product I'd like to see in continued use, and so I like to help out where I can, adding features, applying patches, keeping things secure (i.e. SSL fixes and such). That's why I maintain my branches... Because I see the merit and I want to be sure people using pound are covered. I'd love to see Pound gain more community support... perhaps moving to github as a primary distro, getting 2.7 polished and out the door and a bunch of things... Right now Robert's the only one we can make those sorts of decisions... and there are some bits that aren't available in releases that would need to be checked in. (things like the autoconf script source) I am by no means the only contributor and it'd be great to wrap more people around the project. As far as support, there are many people on this list who are active with config/production questions as well as code level support, so this project is very much alive. :) Joe -Original Message- From: Andreas Hilboll [mailto:li...@hilboll.de] Sent: Tuesday, June 18, 2013 9:09 AM To: pound@apsis.ch Cc: Scott McKeown Subject: Re: [Pound Mailing List] Current development status Hi, Joe stated the links to updated 2.6 and 2.7 branches in this thread: http://www.apsis.ch/pound/pound_list/archive/2013/2013- 04/136765000/index_html Cheers, Andreas. On 18.06.2013 14:55, Scott McKeown wrote: Hi Peter, Welcome to Pound. I'm sure that Joe will jump in at some stage with more details but we use Pound ourselves and you can find that the community is quite active and supportive. Patches and fixes are normally found being posted to this list which if you know some basic Unix commands and you don't mind building Pound from source yourself you can have quite an efficient and productive SSL Terminator at your disposal. If memory serves me correctly Joe does keep a fork somewhere but I don't know where it is. However, once again welcome to the group. ~Scott On 18 June 2013 13:45, Peter Shaw unthough...@googlemail.com mailto:unthough...@googlemail.com wrote: Hi pound users and developers. I just want to know if there is a acive development on the pound project. Or is the last Date in 2.6 (2010) the last and final commit? is this grub active? and may i get help if i ran my production farm with pound. Thanx al lot, ps -- To unsubscribe send an email with subject unsubscribe to pound@apsis.ch mailto:pound@apsis.ch. Please contact ro...@apsis.ch mailto:ro...@apsis.ch for questions. -- With Kind Regards. Scott McKeown Loadbalancer.org http://www.loadbalancer.org -- To unsubscribe send an email with subject unsubscribe to pound@apsis.ch. Please contact ro...@apsis.ch for questions. -- To unsubscribe send an email with subject unsubscribe to pound@apsis.ch. Please contact ro...@apsis.ch for questions. -- To unsubscribe send an email with subject unsubscribe to
Re: [Pound Mailing List] Too many redirects
Hmm, I'm not awesome at spotting that kind of issue (sounds like one of
those things you stare at for hours before noticing something really
obvious :) )
A good start would be to enable redirect logging in Apache as this will
tell you exactly what is going on:
RewriteLog /var/log/apache/rewrite.log
RewriteLogLevel 5 # higher numbers give more info, 5 is good start
Also, have you tried watching the headers during the requests? I use
firefox extension live http headers really great for finding this kind
of issue.
https://addons.mozilla.org/en-US/firefox/addon/live-http-headers/
Chrome has something similar but it's not as good.
My personal preference is to do those simple redirects in Pound, as you
are now doing, as it saves a pointless request to the backend.
Unfortunately Pound doesn't support paths in the destination
(url.com/path.html - url.com/newpath.html) or I would use it for all my
redirects.
/A
On 2013-06-19 10:03, Martijn de Dood wrote:
I've setup pound on my Debian Squeeze server (pound package from the
repository 2.5-1) with the following config:
## Minimal sample pound.cfg
##
## see pound(8) for details
##
## global options:
Userwww-data
Groupwww-data
#RootJail/chroot/pound
## Logging: (goes to syslog by default)
##0no logging
##1normal
##2extended
##3Apache-style (common log format)
LogLevel0
## check backend every X secs:
Alive30
## use hardware-accelleration card supported by openssl(1):
#SSLEnginehw
# poundctl control socket
Control /var/run/pound/poundctl.socket
##
## listen, redirect and ... to:
## redirect all requests on port 8080 (ListenHTTP) to the local
webserver (see Service below):
ListenHTTP
Address 111.111.111.111 # My external IP
Port80
## allow PUT and DELETE also (by default only GET, POST and HEAD)?:
xHTTP0
Service
BackEnd
Address127.0.0.1
Port80
End
End
End
Apache is running on localhost port 80.
When I visit my site via mysite.com all goes well. However when visiting
my site via www.mysite.com the browser replies with too many redirects.
The website on Apache has a .htaccess file which does the redirect from
www.mysite.com to mysite.com
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
If I setup nginx as a reverse proxy I don't get too many redirects when
requesting www, but I don't want nginx I like Pound more.
What could cause the problem of the loop?
I made a fix with this:
Service
HeadRequire ^Host: www.mysite.com$
Redirect 301 http://mysite.com;
End
But I would like to know why the loop occurs and if there is a other
solution.
--
To unsubscribe send an email with subject unsubscribe to pound@apsis.ch.
Please contact ro...@apsis.ch for questions.
Re: [Pound Mailing List] Too many redirects
my experience if redirects from backend dont work properly, is to tune
with the RewriteLocation option. for example add
RewriteLocation 2
to your listener...
good luck and cheers.ivo
On 06/19/2013 10:45 AM, Alan McGinlay wrote:
Hmm, I'm not awesome at spotting that kind of issue (sounds like one of
those things you stare at for hours before noticing something really
obvious :) )
A good start would be to enable redirect logging in Apache as this will
tell you exactly what is going on:
RewriteLog /var/log/apache/rewrite.log
RewriteLogLevel 5 # higher numbers give more info, 5 is good start
Also, have you tried watching the headers during the requests? I use
firefox extension live http headers really great for finding this kind
of issue.
https://addons.mozilla.org/en-US/firefox/addon/live-http-headers/
Chrome has something similar but it's not as good.
My personal preference is to do those simple redirects in Pound, as you
are now doing, as it saves a pointless request to the backend.
Unfortunately Pound doesn't support paths in the destination
(url.com/path.html - url.com/newpath.html) or I would use it for all my
redirects.
/A
On 2013-06-19 10:03, Martijn de Dood wrote:
I've setup pound on my Debian Squeeze server (pound package from the
repository 2.5-1) with the following config:
## Minimal sample pound.cfg
##
## see pound(8) for details
##
## global options:
Userwww-data
Groupwww-data
#RootJail/chroot/pound
## Logging: (goes to syslog by default)
##0no logging
##1normal
##2extended
##3Apache-style (common log format)
LogLevel0
## check backend every X secs:
Alive30
## use hardware-accelleration card supported by openssl(1):
#SSLEnginehw
# poundctl control socket
Control /var/run/pound/poundctl.socket
##
## listen, redirect and ... to:
## redirect all requests on port 8080 (ListenHTTP) to the local
webserver (see Service below):
ListenHTTP
Address 111.111.111.111 # My external IP
Port80
## allow PUT and DELETE also (by default only GET, POST and HEAD)?:
xHTTP0
Service
BackEnd
Address127.0.0.1
Port80
End
End
End
Apache is running on localhost port 80.
When I visit my site via mysite.com all goes well. However when visiting
my site via www.mysite.com the browser replies with too many redirects.
The website on Apache has a .htaccess file which does the redirect from
www.mysite.com to mysite.com
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
If I setup nginx as a reverse proxy I don't get too many redirects when
requesting www, but I don't want nginx I like Pound more.
What could cause the problem of the loop?
I made a fix with this:
Service
HeadRequire ^Host: www.mysite.com$
Redirect 301 http://mysite.com;
End
But I would like to know why the loop occurs and if there is a other
solution.
--
To unsubscribe send an email with subject unsubscribe to pound@apsis.ch.
Please contact ro...@apsis.ch for questions.
--
To unsubscribe send an email with subject unsubscribe to pound@apsis.ch.
Please contact ro...@apsis.ch for questions.
Re: [Pound Mailing List] Too many redirects
Have tried removing the space between ^ and http ?
/paolo
Den 19-06-2013 10:59, poundl...@toastbrot.ch skrev:
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
--
To unsubscribe send an email with subject unsubscribe to pound@apsis.ch.
Please contact ro...@apsis.ch for questions.
[Pound Mailing List] Too many redirects
Thanks for all the answers. Removing the space between ^ and http stops the loop but it also doesn't rewrite anymore.It also occurs when doing in PHP a location / redirect 301. RewriteLocation:This was the solution.When setting rewritelocation to 0 the redirects are working. Tnx!
RE: [Pound Mailing List] Too many redirects
Sorry.Did not hit reply but started a new message. Thanks for all the answers. Removing the space between ^ and http stops the loop but it also doesn't rewrite anymore.It also occurs when doing in PHP a location / redirect 301. RewriteLocation:This was the solution.When setting rewritelocation to 0 the redirects are working. Tnx!
RE: [Pound Mailing List] Too many redirects
Sorry.Did not hit reply but started a new message. From: mded...@hotmail.com To: pound@apsis.ch Date: Wed, 19 Jun 2013 12:33:14 +0200 Subject: [Pound Mailing List] Too many redirects Thanks for all the answers. Removing the space between ^ and http stops the loop but it also doesn't rewrite anymore.It also occurs when doing in PHP a location / redirect 301. RewriteLocation:This was the solution.When setting rewritelocation to 0 the redirects are working. Tnx!
