On Sun, Oct 17, 2010 at 9:59 PM, Chanoch (Ken) Bloom <[email protected]> wrote: > On Sun, Oct 17, 2010 at 06:04:58PM -0400, Peter Salzman wrote: >> I'm having trouble with Apache running on satan (192.162.0.2). At >> some point I must have changed something, and it stopped working. >> >> There are two virtual hosts: >> >> 1. /etc/apache2/sites-enabled/000-default >> >> <VirtualHost *:80> >> ServerAdmin [email protected] >> DocumentRoot /var/www >> <Directory /> >> Options FollowSymLinks >> AllowOverride None >> </Directory> >> >> <Directory /var/www/> >> Options Indexes FollowSymLinks MultiViews >> AllowOverride None >> Order allow,deny >> allow from all >> </Directory> >> >> ErrorLog /var/log/apache2/error.log >> LogLevel debug >> >> CustomLog /var/log/apache2/access.log combined >> >> </VirtualHost> >> >> >> 2. /etc/apache2/sites-enabled/001-dirac.org (the one I want to work) >> >> <VirtualHost *:80> >> ServerAdmin [email protected] >> ServerName www.dirac.org >> ServerAlias dirac.org >> >> DirectoryIndex index.html >> DocumentRoot /var/www/ >> >> LogLevel debug >> ErrorLog /var/log/apache2/dirac.org.error >> CustomLog //var/log/apache2/dirac.org.access combined >> </VirtualHost> >> >> The /etc/hostname file contains "satan". The /etc/hosts file contains: >> >> 192.168.0.2 satan >> 192.168.0.2 dirac.org >> 192.168.0.2 www.dirac.org >> >> >> >> >> I'm seeing different behaviors depending on whether I'm on the home >> network or outside the home network. >> >> From the home network I can access the webserver from any computer by >> pointing a browser to http://dirac.org, http://www.dirac.org, >> http://192.168.0.2, http://24.189.162.69/, or http://satan. When I >> access www.dirac.org or dirac.org, /var/log/apache/dirac.org.access >> gets larger. When I access satan, 192.168.0.2, or 24.189.162.69 (my >> external IP), /var/log/apache2/access.log gets larger. No surprises >> here. >> >> From outside the home network, I can't access the webserver at all, >> and as expected, none of the logs get larger. It's clear that Apache >> simply isn't seeing anything, otherwise, the logs would increase in >> size. >> >> I don't think it's a firewall issue because tcpdump sees external www >> requests coming from. From external IP 10.37.247.64 (an iPhone on the >> 3G network), I point Safari to "http://www.dirac.org"; and this is what >> tcpdump reports: >> >> r...@satan:/var/log/apache2# tcpdump -vv -i eth0 tcp port 80 | grep cingular >> tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 >> bytes >> satan.www > mobile-166-137-137-082.mycingular.net.4445: Flags >> [S.], cksum 0x4d17 (correct), seq 305106526, ack 4022190454, win 5792, >> options [mss 1460,sackOK,TS val 1210510762 ecr 842475580,nop,wscale >> 6], length 0 >> mobile-166-137-137-082.mycingular.net.5878 > satan.www: Flags [S], >> cksum 0x3dc6 (correct), seq 1346585780, win 65535, options [mss >> 1410,nop,wscale 2,nop,nop,TS val 842476145 ecr 0,sackOK,eol], length 0 >> satan.www > mobile-166-137-137-082.mycingular.net.5878: Flags >> [S.], cksum 0xcafe (correct), seq 1206576348, ack 1346585781, win >> 5792, options [mss 1460,sackOK,TS val 1210513399 ecr >> 842476145,nop,wscale 6], length 0 >> mobile-166-137-137-082.mycingular.net.5878 > satan.www: Flags [S], >> cksum 0x3dbc (correct), seq 1346585780, win 65535, options [mss >> 1410,nop,wscale 2,nop,nop,TS val 842476155 ecr 0,sackOK,eol], length 0 >> satan.www > mobile-166-137-137-082.mycingular.net.5878: Flags >> [S.], cksum 0xcafe (correct), seq 1206576348, ack 1346585781, win >> 5792, options [mss 1460,sackOK,TS val 1210513399 ecr >> 842476145,nop,wscale 6], length 0 >> >> Packets from the iPhone are seen coming in. And packets are being >> sent back out to the iPhone. However, Safari errors out with a >> "Cannot open Page" error. Furthermore, neither >> /var/log/apache2/access.log no /var/log/apache2/dirac.org.access get >> larger. >> >> On one hand it's "obvious" that Apache isn't seeing these packets from >> the iPhone because the logs aren't increasing in size. On the other >> hand, it's not "obvious" because .. why are packets being sent from >> satan.www to mycingular.net? >> >> I'm really stumped. Any ideas? > > The packets you see going from satan.www to mycingular.net are SYN-ACK > packets, which are the second part of the three-way handshake used to > open a TCP connection. That is, satan is responding to the iPhone and > agreeing to open a connection. For some reason, the iPhone doesn't see > this response (or just doesn't respond with the ACK that is the third > part of the three-way handshake). > > Your apache configuration has nothing to do with a problem at this > level. > > --Ken
If it's not an Apache or firewall problem, then you should be able to connect to dirac.org. Can you reach it? Thanks! Pete _______________________________________________ vox-tech mailing list [email protected] http://lists.lugod.org/mailman/listinfo/vox-tech
