Re: [Pound Mailing List] Current development status
I haven't posted much to the list so far but have tried to help out once or twice when I know the answer to a question, and have had questions of my own.. all of which have been answered. I also started a Puppet module a while back which I am using in production, it has more added to it than the one I announced before and needs a bit of polish, I will try and get it in a nice enough state to show. Overall, Pound *rocks* it's one of a few peices of Free Software which truly shine, it does exactly what it's supposed to do and it does it exceptionally well. +1 for github On tis 18 jun 2013 17:35:00, Joe Gooch wrote: Seems like I didn't have to chime in. :) Robert Segall is the maintainer... I haven't heard from him in awhile; I know his life is very busy. He has put out v2.7b which is the next beta branch. I maintain a github project with the source code at http://github.com/goochjj/pound/ Branches of note would be what Andreas posted from the prior thread, reposted here: My suggestion to anyone who needs PCI-DSS compliance is to run my branch here: https://github.com/goochjj/pound/tree/stage_for_upstream/v2.7b Zip here: https://github.com/goochjj/pound/archive/stage_for_upstream/v2.7b.zip This is based on 2.7b, and includes a bunch of patches that I usually include in pound, to do things like SNI, CertDir includes, IncludeDir, PCRE redirects, etc. If you don't feel comfortable running a 2.7 branch, or don't want to include those patches, I've rolled a new branch: https://github.com/goochjj/pound/tree/pcidss/v2.6 Zip here: https://github.com/goochjj/pound/archive/pcidss/v2.6.zip Which includes only the XSRF, SSLv2, SSL compression and cipher enhancements against a 2.6 baseline. My overall goal for Pound is I feel it's a great product that does exactly what it's designed to do, no less, no more. It's stable and I use it in multiple production environments for load balancing and SSL termination. Any features it hasn't been able to do, I've added over the years. It's also a product I'd like to see in continued use, and so I like to help out where I can, adding features, applying patches, keeping things secure (i.e. SSL fixes and such). That's why I maintain my branches... Because I see the merit and I want to be sure people using pound are covered. I'd love to see Pound gain more community support... perhaps moving to github as a primary distro, getting 2.7 polished and out the door and a bunch of things... Right now Robert's the only one we can make those sorts of decisions... and there are some bits that aren't available in releases that would need to be checked in. (things like the autoconf script source) I am by no means the only contributor and it'd be great to wrap more people around the project. As far as support, there are many people on this list who are active with config/production questions as well as code level support, so this project is very much alive. :) Joe -Original Message- From: Andreas Hilboll [mailto:li...@hilboll.de] Sent: Tuesday, June 18, 2013 9:09 AM To: pound@apsis.ch Cc: Scott McKeown Subject: Re: [Pound Mailing List] Current development status Hi, Joe stated the links to updated 2.6 and 2.7 branches in this thread: http://www.apsis.ch/pound/pound_list/archive/2013/2013- 04/136765000/index_html Cheers, Andreas. On 18.06.2013 14:55, Scott McKeown wrote: Hi Peter, Welcome to Pound. I'm sure that Joe will jump in at some stage with more details but we use Pound ourselves and you can find that the community is quite active and supportive. Patches and fixes are normally found being posted to this list which if you know some basic Unix commands and you don't mind building Pound from source yourself you can have quite an efficient and productive SSL Terminator at your disposal. If memory serves me correctly Joe does keep a fork somewhere but I don't know where it is. However, once again welcome to the group. ~Scott On 18 June 2013 13:45, Peter Shaw unthough...@googlemail.com mailto:unthough...@googlemail.com wrote: Hi pound users and developers. I just want to know if there is a acive development on the pound project. Or is the last Date in 2.6 (2010) the last and final commit? is this grub active? and may i get help if i ran my production farm with pound. Thanx al lot, ps -- To unsubscribe send an email with subject unsubscribe to pound@apsis.ch mailto:pound@apsis.ch. Please contact ro...@apsis.ch mailto:ro...@apsis.ch for questions. -- With Kind Regards. Scott McKeown Loadbalancer.org http://www.loadbalancer.org -- To unsubscribe send an email with subject unsubscribe to pound@apsis.ch. Please contact ro...@apsis.ch for questions. -- To unsubscribe send an email with subject unsubscribe to pound@apsis.ch. Please contact ro...@apsis.ch for questions. -- To unsubscribe send an email with subject unsubscribe to
Re: [Pound Mailing List] Too many redirects
Hmm, I'm not awesome at spotting that kind of issue (sounds like one of those things you stare at for hours before noticing something really obvious :) ) A good start would be to enable redirect logging in Apache as this will tell you exactly what is going on: RewriteLog /var/log/apache/rewrite.log RewriteLogLevel 5 # higher numbers give more info, 5 is good start Also, have you tried watching the headers during the requests? I use firefox extension live http headers really great for finding this kind of issue. https://addons.mozilla.org/en-US/firefox/addon/live-http-headers/ Chrome has something similar but it's not as good. My personal preference is to do those simple redirects in Pound, as you are now doing, as it saves a pointless request to the backend. Unfortunately Pound doesn't support paths in the destination (url.com/path.html - url.com/newpath.html) or I would use it for all my redirects. /A On 2013-06-19 10:03, Martijn de Dood wrote: I've setup pound on my Debian Squeeze server (pound package from the repository 2.5-1) with the following config: ## Minimal sample pound.cfg ## ## see pound(8) for details ## ## global options: Userwww-data Groupwww-data #RootJail/chroot/pound ## Logging: (goes to syslog by default) ##0no logging ##1normal ##2extended ##3Apache-style (common log format) LogLevel0 ## check backend every X secs: Alive30 ## use hardware-accelleration card supported by openssl(1): #SSLEnginehw # poundctl control socket Control /var/run/pound/poundctl.socket ## ## listen, redirect and ... to: ## redirect all requests on port 8080 (ListenHTTP) to the local webserver (see Service below): ListenHTTP Address 111.111.111.111 # My external IP Port80 ## allow PUT and DELETE also (by default only GET, POST and HEAD)?: xHTTP0 Service BackEnd Address127.0.0.1 Port80 End End End Apache is running on localhost port 80. When I visit my site via mysite.com all goes well. However when visiting my site via www.mysite.com the browser replies with too many redirects. The website on Apache has a .htaccess file which does the redirect from www.mysite.com to mysite.com RewriteCond %{HTTPS} !=on RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC] RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L] If I setup nginx as a reverse proxy I don't get too many redirects when requesting www, but I don't want nginx I like Pound more. What could cause the problem of the loop? I made a fix with this: Service HeadRequire ^Host: www.mysite.com$ Redirect 301 http://mysite.com; End But I would like to know why the loop occurs and if there is a other solution. -- To unsubscribe send an email with subject unsubscribe to pound@apsis.ch. Please contact ro...@apsis.ch for questions.
Re: [Pound Mailing List] Too many redirects
my experience if redirects from backend dont work properly, is to tune with the RewriteLocation option. for example add RewriteLocation 2 to your listener... good luck and cheers.ivo On 06/19/2013 10:45 AM, Alan McGinlay wrote: Hmm, I'm not awesome at spotting that kind of issue (sounds like one of those things you stare at for hours before noticing something really obvious :) ) A good start would be to enable redirect logging in Apache as this will tell you exactly what is going on: RewriteLog /var/log/apache/rewrite.log RewriteLogLevel 5 # higher numbers give more info, 5 is good start Also, have you tried watching the headers during the requests? I use firefox extension live http headers really great for finding this kind of issue. https://addons.mozilla.org/en-US/firefox/addon/live-http-headers/ Chrome has something similar but it's not as good. My personal preference is to do those simple redirects in Pound, as you are now doing, as it saves a pointless request to the backend. Unfortunately Pound doesn't support paths in the destination (url.com/path.html - url.com/newpath.html) or I would use it for all my redirects. /A On 2013-06-19 10:03, Martijn de Dood wrote: I've setup pound on my Debian Squeeze server (pound package from the repository 2.5-1) with the following config: ## Minimal sample pound.cfg ## ## see pound(8) for details ## ## global options: Userwww-data Groupwww-data #RootJail/chroot/pound ## Logging: (goes to syslog by default) ##0no logging ##1normal ##2extended ##3Apache-style (common log format) LogLevel0 ## check backend every X secs: Alive30 ## use hardware-accelleration card supported by openssl(1): #SSLEnginehw # poundctl control socket Control /var/run/pound/poundctl.socket ## ## listen, redirect and ... to: ## redirect all requests on port 8080 (ListenHTTP) to the local webserver (see Service below): ListenHTTP Address 111.111.111.111 # My external IP Port80 ## allow PUT and DELETE also (by default only GET, POST and HEAD)?: xHTTP0 Service BackEnd Address127.0.0.1 Port80 End End End Apache is running on localhost port 80. When I visit my site via mysite.com all goes well. However when visiting my site via www.mysite.com the browser replies with too many redirects. The website on Apache has a .htaccess file which does the redirect from www.mysite.com to mysite.com RewriteCond %{HTTPS} !=on RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC] RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L] If I setup nginx as a reverse proxy I don't get too many redirects when requesting www, but I don't want nginx I like Pound more. What could cause the problem of the loop? I made a fix with this: Service HeadRequire ^Host: www.mysite.com$ Redirect 301 http://mysite.com; End But I would like to know why the loop occurs and if there is a other solution. -- To unsubscribe send an email with subject unsubscribe to pound@apsis.ch. Please contact ro...@apsis.ch for questions. -- To unsubscribe send an email with subject unsubscribe to pound@apsis.ch. Please contact ro...@apsis.ch for questions.
Re: [Pound Mailing List] Too many redirects
Have tried removing the space between ^ and http ? /paolo Den 19-06-2013 10:59, poundl...@toastbrot.ch skrev: RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L] -- To unsubscribe send an email with subject unsubscribe to pound@apsis.ch. Please contact ro...@apsis.ch for questions.
[Pound Mailing List] Too many redirects
Thanks for all the answers. Removing the space between ^ and http stops the loop but it also doesn't rewrite anymore.It also occurs when doing in PHP a location / redirect 301. RewriteLocation:This was the solution.When setting rewritelocation to 0 the redirects are working. Tnx!
RE: [Pound Mailing List] Too many redirects
Sorry.Did not hit reply but started a new message. Thanks for all the answers. Removing the space between ^ and http stops the loop but it also doesn't rewrite anymore.It also occurs when doing in PHP a location / redirect 301. RewriteLocation:This was the solution.When setting rewritelocation to 0 the redirects are working. Tnx!
RE: [Pound Mailing List] Too many redirects
Sorry.Did not hit reply but started a new message. From: mded...@hotmail.com To: pound@apsis.ch Date: Wed, 19 Jun 2013 12:33:14 +0200 Subject: [Pound Mailing List] Too many redirects Thanks for all the answers. Removing the space between ^ and http stops the loop but it also doesn't rewrite anymore.It also occurs when doing in PHP a location / redirect 301. RewriteLocation:This was the solution.When setting rewritelocation to 0 the redirects are working. Tnx!