Third time is a charm, perhaps. I'm trying to get Apache to work. I can access dirac.org successfully from inside my network; I can't access it from outside my home network. Apache is running on a Linux box on satan: 192.168.0.2 and I'm testing it from a MS Windows machine on lucifer:192.168.0.3. My ISP is optimum online. Here are some clues.
1. tcpdump ========= Using tcpdump when accessing dirac.org from within the home network (this is what works): # tcpdump -i eth0 host ool-18bda2d2.dyn.optonline.net and tcp port 80 ool-18bda2d2.dyn.optonline.net.2826 > satan.www: Flags [S], seq 3934453911, win 65535, options [mss 1460,nop,nop,sackOK], length 0 satan.www > ool-18bda2d2.dyn.optonline.net.2826: Flags [S.], seq 2824373109, ack 3934453912, win 5840, options [mss 1460,nop,nop,sackOK], length 0 ool-18bda2d2.dyn.optonline.net.2826 > satan.www: Flags [.], ack 1, win 65535, length 0 ool-18bda2d2.dyn.optonline.net.2826 > satan.www: Flags [P.], seq 1:487, ack 1, win 65535, length 486 satan.www > ool-18bda2d2.dyn.optonline.net.2826: Flags [.], ack 487, win 6432, length 0 satan.www > ool-18bda2d2.dyn.optonline.net.2826: Flags [P.], seq 1:211, ack 487, win 6432, length 210 ool-18bda2d2.dyn.optonline.net.2826 > satan.www: Flags [.], ack 211, win 65325, length 0 Using tcpdump when accessing dirac.org from outside the home network (this doesn't work) # tcpdump -i eth0 host born.physics.ucdavis.edu and tcp dst port 80 born.physics.ucdavis.edu.45830 > satan.www: Flags [S], seq 692754447, win 5840, options [mss 1460,sackOK,TS val 303380783 ecr 0,nop,wscale 6], length 0 satan.www > born.physics.ucdavis.edu.45830: Flags [S.], seq 3535693591, ack 692754448, win 5792, options [mss 1460,sackOK,TS val 32070833 ecr 303380783,nop,wscale 6], length 0 born.physics.ucdavis.edu.45830 > satan.www: Flags [S], seq 692754447, win 5840, options [mss 1460,sackOK,TS val 303383783 ecr 0,nop,wscale 6], length 0 satan.www > born.physics.ucdavis.edu.45830: Flags [S.], seq 3535693591, ack 692754448, win 5792, options [mss 1460,sackOK,TS val 32071581 ecr 303380783,nop,wscale 6], length 0 satan.www > born.physics.ucdavis.edu.45830: Flags [S.], seq 3535693591, ack 692754448, win 5792, options [mss 1460,sackOK,TS val 32071915 ecr 303380783,nop,wscale 6], length 0 born.physics.ucdavis.edu.45830 > satan.www: Flags [S], seq 692754447, win 5840, options [mss 1460,sackOK,TS val 303389783 ecr 0,nop,wscale 6], length 0 satan.www > born.physics.ucdavis.edu.45830: Flags [S.], seq 3535693591, ack 692754448, win 5792, options [mss 1460,sackOK,TS val 32073081 ecr 303380783,nop,wscale 6], length 0 satan.www > born.physics.ucdavis.edu.45830: Flags [S.], seq 3535693591, ack 692754448, win 5792, options [mss 1460,sackOK,TS val 32073415 ecr 303380783,nop,wscale 6], length 0 satan.www > born.physics.ucdavis.edu.45830: Flags [S.], seq 3535693591, ack 692754448, win 5792, options [mss 1460,sackOK,TS val 32076415 ecr 303380783,nop,wscale 6], length 0 So packets are DEFINITELY reaching my server from outside my LAN. Port forwarding is working, and satan is acknowledging the packets. I believe that definitively points to Apache server misconfiguration. It's interesting that born and satan appear to talking to each other, sending each other syns over and over. 2. telnet ====== >From inside the network, I tried telneting to port 80 from lucifer (the MS Windows machine at 192.168.0.3): C:\Documents and Settings\p>telnet dirac.org 80 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>501 Method Not Implemented</title> </head><body> >From outside the network: born.ucdavis.edu$ telnet dirac.org 80 Trying 24.189.162.210... telnet: connect to address 24.189.162.210: Connection timed out Which is no surprise. It tells me that Apache isn't listening to connections from outside the network. I knew that already. 3. Apache Configuration ================== This is the weak link, I think. apache2ctl reports no configuration problems: root@satan:/etc/apache2# apache2ctl configtest Syntax OK I'm using name based virtual hosting since I may want to serve two domains from the same IP address in the future. In apache2.conf: ServerName www.dirac.org NameVirtualHost *:80 ErrorLog /var/log/apache2/error.log LogLevel debug In /etc/apache2/sites-enabled/001-dirac.org: <VirtualHost *:80> ServerAdmin [email protected] ServerName www.dirac.org ServerAlias www.dirac.org dirac.org satan DirectoryIndex index.html DocumentRoot /www/dirac LogLevel debug ErrorLog /var/log/apache2/dirac.org.error CustomLog /var/log/apache2/dirac.org.access combined </VirtualHost> And in /etc/apache2/sites-enabled/002-iuselinux.org: <VirtualHost *:80> ServerAdmin [email protected] ServerName www.iuselinux.org ServerAlias www.iuselinux.org iuselinux.org DirectoryIndex index.html DocumentRoot /www/iuselinux LogLevel debug ErrorLog /var/log/apache2/iuselinux.org.error CustomLog /var/log/apache2/iuselinux.org.access combined </VirtualHost> I worked my ass off to get rid of the "NameVirtualHost *:80 has no virtual host" error messages. I'm no expert, but this looks right to me. 4. hosts ====== It almost feels like Apache doesn't recognize that http requests from born.ucdavis.edu are coming in for dirac.org, so it ignores these requests. So perhaps the problem is some other file having to do with server identification. Here is the contents of /etc/hostname: satan and /etc/hosts: 127.0.0.1 localhost 192.168.0.1 azazel 192.168.0.2 satan 192.168.0.2 dirac.org 192.168.0.2 www.dirac.org 192.168.0.3 lucifer 192.68.0.50 mara 192.68.0.51 demogorgon 192.68.0.52 belial 192.68.0.53 orcus 192.68.0.54 jublex 192.68.0.55 asmodeus I'm at a complete loss here. I'd really appreciate some help here. I really don't know what to do next. I've collected a bunch of data, but can't figure out where to go from here. Thanks! Pete _______________________________________________ vox-tech mailing list [email protected] http://lists.lugod.org/mailman/listinfo/vox-tech
