I am getting 502 Operation not permitted error. The log is as below: ObjStatus 502 ObjReason Operation not permitted
Sorry for the inconvenience 🙏 On Thu, Dec 19, 2019 at 6:15 PM Guillaume Quintard < [email protected]> wrote: > you need to understand what is going on why the backend is replying with > 403, then we can fix the vcl. > > -- > Guillaume Quintard > > > On Thu, Dec 19, 2019 at 1:18 PM Varun Nath <[email protected]> wrote: > >> Thank You. Could you please confirm whether the VCL config I have shared >> if fine? >> >> On Thu, Dec 19, 2019 at 5:46 PM Guillaume Quintard < >> [email protected]> wrote: >> >>> check the backend transaction, and understand why your origin is sending >>> back a 403. This is due to your backend configuration and I can't help you >>> with that. >>> >>> -- >>> Guillaume Quintard >>> >>> >>> On Thu, Dec 19, 2019 at 1:03 PM Varun Nath <[email protected]> >>> wrote: >>> >>>> This is the VCL file am using: >>>> >>>> Note: Host is not a valid one >>>> >>>> vcl 4.0; >>>> import std; >>>> import directors; >>>> >>>> # Default backend definition. Set this to point to your content server. >>>> backend default { >>>> .host = "remote.host.com"; >>>> .port = "80"; >>>> } >>>> >>>> sub vcl_init { >>>> new vdir = directors.round_robin(); >>>> vdir.add_backend(default); >>>> } >>>> >>>> sub vcl_recv { >>>> unset req.http.proxy; >>>> unset req.http.cookie; >>>> set req.http.x-host = "http://remote.host.com";; >>>> set req.http.x-clientip = client.ip; >>>> set req.http.x-serverip = server.ip; >>>> set req.http.x-localip = local.ip; >>>> set req.http.x-remoteip = remote.ip; >>>> unset req.http.X-Forwarded-For; >>>> set req.http.x-forwarded-for = client.ip; >>>> return(pass); >>>> } >>>> >>>> sub vcl_backend_response { >>>> # Happens after we have read the response headers from the backend. >>>> # >>>> # Here you clean the response headers, removing silly Set-Cookie >>>> headers >>>> # and other mistakes your backend does. >>>> } >>>> >>>> sub vcl_deliver { >>>> # Happens when we have all the pieces we need, and are about to >>>> send the >>>> # response to the client. >>>> } >>>> >>>> Please let me know if I need to add something more to make the remote >>>> host caching from localhost varnish >>>> >>>> On Thu, Dec 19, 2019 at 5:05 PM Varun Nath <[email protected]> >>>> wrote: >>>> >>>>> Hello, >>>>> I got some response via CURL. But getting 403 Forbidden message. Log >>>>> is as below: >>>>> * BerespStatus 403* >>>>> * BerespReason Forbidden* >>>>> Also tried setting >>>>> >>>>> *remove req.http.X-Forwarded-For;set req.http.x-forwarded-for = >>>>> client.ip;* >>>>> But didnt work. >>>>> Could you please share your thoughts? >>>>> >>>>> On Thu, Dec 19, 2019 at 3:00 PM Varun Nath <[email protected]> >>>>> wrote: >>>>> >>>>>> Thank You so much for your support. Will try this and let you know >>>>>> >>>>>> On Thu, Dec 19, 2019 at 2:49 PM Guillaume Quintard < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> The backend portion of the vcl only handles the TCP part of the >>>>>>> equation. If your backend expect a specific host, you need to either >>>>>>> have >>>>>>> the client give it, or have varnish override it. >>>>>>> >>>>>>> Try curl -I localhost/your/file -H "host: whatever.your.host.is.com" >>>>>>> >>>>>>> On Thu, Dec 19, 2019, 09:02 Varun Nath <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> Yes, I tried with http://locahost, but that is expected, right? >>>>>>>> since the backend server is configured in VCL file. Sorry if I am wrong >>>>>>>> >>>>>>>> On Thu, Dec 19, 2019 at 2:29 PM Guillaume Quintard < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> Note: please keep the mailing list CC'd >>>>>>>>> >>>>>>>>> Check the host header you are sending to the backend. Usually, a >>>>>>>>> 404 arises because the URL and/or the host wrong. >>>>>>>>> >>>>>>>>> I'm thinking you possibly tested varnish requesting something like >>>>>>>>> http://localhost/your/test/file, but your backend isn't >>>>>>>>> configured to reply to the "localhost" host >>>>>>>>> >>>>>>>>> On Thu, Dec 19, 2019, 08:55 Varun Nath <[email protected]> >>>>>>>>> wrote: >>>>>>>>> >>>>>>>>>> Thanks again for the quick response. >>>>>>>>>> I have checked the log and getting the expected IP address in >>>>>>>>>> *BackendStart >>>>>>>>>> *parameter. Sorry I didnt get what you mean by you need to >>>>>>>>>> change *the host header before sending the request to the >>>>>>>>>> backend. *Could you please elaborate a little bit? >>>>>>>>>> >>>>>>>>>> On Thu, Dec 19, 2019 at 2:20 PM Guillaume Quintard < >>>>>>>>>> [email protected]> wrote: >>>>>>>>>> >>>>>>>>>>> Hi, >>>>>>>>>>> >>>>>>>>>>> Use varnishlog -b (with possibly -d) to see the backend >>>>>>>>>>> transactions and see what IP is being used (is it the right one). >>>>>>>>>>> It could >>>>>>>>>>> also be that you need to change the host header before sending the >>>>>>>>>>> request >>>>>>>>>>> to the backend. >>>>>>>>>>> >>>>>>>>>>> Cheers, >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> On Thu, Dec 19, 2019, 08:39 Varun Nath <[email protected]> >>>>>>>>>>> wrote: >>>>>>>>>>> >>>>>>>>>>>> Hello, >>>>>>>>>>>> I need to connect to a remote host from local VCL config file. >>>>>>>>>>>> I have added the backend config as below >>>>>>>>>>>> >>>>>>>>>>>> backend default { >>>>>>>>>>>> .host = "remote.host.com"; >>>>>>>>>>>> } >>>>>>>>>>>> >>>>>>>>>>>> But am getting Page not available message. Do I miss something? >>>>>>>>>>>> Thanks in advance >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> VARUN NATH A V >>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>> varnish-misc mailing list >>>>>>>>>>>> [email protected] >>>>>>>>>>>> >>>>>>>>>>>> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> VARUN NATH A V >>>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> VARUN NATH A V >>>>>>>> >>>>>>> >>>>>> >>>>>> -- >>>>>> VARUN NATH A V >>>>>> >>>>> >>>>> >>>>> -- >>>>> VARUN NATH A V >>>>> >>>> >>>> >>>> -- >>>> VARUN NATH A V >>>> >>> >> >> -- >> VARUN NATH A V >> > -- VARUN NATH A V
_______________________________________________ varnish-misc mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
