Just to follow up, sorry missed the part about the filter. Use <filterip> instead of <clientip>...
On Wed, Jan 12, 2011 at 2:02 PM, Graham Dunn <g...@kurai.org> wrote:
> tcpdump -i eth0 port 80 and host <clientip>
>
> on the server as root. Try to connect from the client. If you get
> nothing, you know there's some name resolution/routing problem on the
> client.
>
> On Wed, Jan 12, 2011 at 1:57 PM, John BORIS <jbo...@adphila.org> wrote:
>> Yes. Sorry forgot that point.
>>
>> John J. Boris, Sr.
>> JEN-A-SyS Administrator
>> Archdiocese of Philadelphia
>> 222 North 17th Street
>> Philadelphia, Pa. 19103
>> Tel: 215-965-1714
>> Fax: 215-587-3525
>> "Remember! That light at the end of the tunnel
>> Just might be the headlight of an oncoming train!"
>>
>>>>> "Singer X.J. Wang" <w...@singerwang.com> 1/12/2011 1:40 PM >>>
>> Does your FQDN resolve to the same IP when you're on the server
>> compared to when you're not on the server?
>>
>> On Wed, Jan 12, 2011 at 13:36, John BORIS <jbo...@adphila.org> wrote:
>>
>>> I have a question concerning the process for an http request. I need
>>> to know the transactions between a web server and a web browser to
>>> bring the home page. I am trying to troubleshoot a problem and I have
>>> to prove to the keepers of our network that it is not my web server.
>>>
>>> Here is the problem. This is all internal and not on the Internet.
>>>
>>> Web Server (WS) Running Big Brother Professional (RHEL 5, apache),
>>> SELinux disabled, no firewall rules on the server.
>>> Client PC (Firefox, MSIE, SSH)
>>>
>>> I can connect from Client to Web Server using ssh without a problem.
>>> I can connect to the Big Brother Professional Home Page via lynx by
>>> ssh'ing to the Server and firing off lynx. If I walk down to the
>>> console and log into the graphical desktop, run Firefox and then I
>>> can bring up the Big Brother Professional home page.
>>>
>>> So I know the Server is accepting connections at least locally. When
>>> I try from the GUI on the Web Server I use the Fully qualified name
>>> for the link not the IP address or local host. The same thing when I
>>> do it with lynx from the ssh screen.
>>>
>>> Now if I try to do this from a client PC I get the message that MSIE
>>> is waiting for the host and then after about 20 seconds I get the
>>> Internet Explorer can't display the page.
>>>
>>> I set up iptraf to see what goes on and the minute I make the request
>>> I see a message in iptraf saying "Host unreachable"
>>>
>>> Now on the network side. These machines are on the same switch, same
>>> network but are routed to the main router for the network. That
>>> router hijacks all port 80 traffic and directs it to our web filter,
>>> well I assume that but not sure if you can hijack http traffic. I
>>> changed the listening port of the Web process to 8081 and then
>>> retested and got the same results.
>>>
>>> All of this started to happen when the network was moved from one
>>> web filter to another so I point to the last move. Not sure why a
>>> flaky nic card would deny http traffic only and allow everything else
>>> as Big Brother listens on port 1984, ssh is on 22, email works as
>>> well.
>>>
>>> So after such a long story I would like to know the actual mechanics
>>> of a web request. Like client makes a call to web server. Web server
>>> then finishes the connection. I know there are a bunch of ACKs and
>>> stuff in there but I need to see where this is broken.
>>>
>>> I am about to change the NIC card if this brings a blind alley.
>>>
>>> Thanks in advance and sorry for the long post.
>>>
>>> John J. Boris, Sr.
>>> JEN-A-SyS Administrator
>>> Archdiocese of Philadelphia
>>> "Remember! That light at the end of the tunnel
>>> Just might be the headlight of an oncoming train!"
>>> _______________________________________________
>>> Tech mailing list
>>> Tech@lists.lopsa.org
>>> https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
>>> This list provided by the League of Professional System Administrators
>>> http://lopsa.org/
>>
>> --
>> The best compliment you could give Pythian for our service is a
>> referral.
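
The stages the thread is trying to separate (name resolution, then the TCP handshake, then the HTTP exchange) can be checked one at a time from the client. The following is an added example, not part of the original messages; `probe_http` and its stage labels are names chosen here, and it assumes Python 3 on the client.

```python
import errno
import socket

def probe_http(host, port=80, path="/", timeout=5.0):
    """Walk one HTTP request stage by stage; return (stage, detail)."""
    # Stage 1: name resolution as this client sees it (compare the
    # answer with what the server itself resolves for the same name).
    try:
        family, socktype, proto, _, addr = socket.getaddrinfo(
            host, port, socket.AF_INET, socket.SOCK_STREAM)[0]
    except socket.gaierror as exc:
        return ("dns", str(exc))
    # Stage 2: TCP three-way handshake (SYN, SYN/ACK, ACK).
    sock = socket.socket(family, socktype, proto)
    sock.settimeout(timeout)
    try:
        sock.connect(addr)
    except socket.timeout:
        sock.close()
        return ("tcp-connect", "timeout: no answer to SYN")
    except OSError as exc:
        sock.close()
        # e.g. ECONNREFUSED (RST came back) or EHOSTUNREACH (ICMP error)
        return ("tcp-connect", errno.errorcode.get(exc.errno, str(exc)))
    # Stage 3: the HTTP request itself, then the first response line.
    try:
        req = "GET {} HTTP/1.0\r\nHost: {}\r\n\r\n".format(path, host)
        sock.sendall(req.encode("ascii"))
        status = sock.recv(4096).split(b"\r\n", 1)[0]
    except socket.timeout:
        return ("http", "timeout: connected but no response")
    except OSError as exc:
        return ("http", errno.errorcode.get(exc.errno, str(exc)))
    finally:
        sock.close()
    if not status.startswith(b"HTTP/"):
        return ("http", "non-HTTP reply: %r" % status[:40])
    return ("ok", status.decode("latin-1"))

if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "localhost"
    print(probe_http(target))
```

Running it against both port 80 and the alternate port while tcpdump watches on the server shows whether the failure happens before any packet reaches the server.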