I am going to move this thread to the apache users list, as there are no other applications having trouble in the chroot
Apache is setting REMOTE_ADDR=16.0.0.0 for PHP and cgi scripts.
Searching the web, I keep finding my own posts: http://www.gossamer-threads.com/lists/apache/users/388695
-- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100 - - +1 (443) 269-1555 x333 Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00.
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Jason Pyeron Sent: Saturday, May 14, 2011 19:18 To: 'CentOS mailing list' Subject: Re: [CentOS] Apache in chroot reporting every client is 16.0.0.0
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Robert Heller Sent: Saturday, May 14, 2011 19:02 To: CentOS mailing list Cc: 'CentOS mailing list' Subject: Re: [CentOS] Apache in chroot reporting every client is 16.0.0.0
At Sat, 14 May 2011 18:45:32 -0400 CentOS mailing list centos@centos.org wrote:
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Marian Marinov Sent: Saturday, May 14, 2011 16:06 To: CentOS mailing list Subject: Re: [CentOS] Apache in chroot reporting every
client is
16.0.0.0
On Saturday 14 May 2011 20:50:54 Jason Pyeron wrote:
Not sure where to start on this. I went to examine a log file today and noticed a password protected internal file was being
accessed from
16.0.0.0. Upon further review every log entry has the
same IP.
Accessing apache from localhost also reports 16.0.0.0.
Google is not being my friend right now, any advice?
Kernel: 2.6.9-89.0.29.Elsmp
In the chroot:
httpd-suexec-2.0.52-41.ent.7.centos4 httpd-devel-2.0.52-41.ent.7.centos4 httpd-2.0.52-41.ent.7.centos4
-jason
Check the resolv setup in the chroot. etc/resolv.conf,
etc/hosts,
etc/nsswitch.conf
Hosts are resolving and /etc/resolv.conf is good.
Etc hosts and nsswitch are defaulted.
Is this /etc/resolv.conf IN the chroot tree that httpd is
running in
or in the real system root? Check etc/resolv.conf, etc/hosts, etc/nsswitch.conf, under the chroot tree that httpd is
running in, not
/etc/resolv.conf.
The previous post was for inside the chroot.
[root@devserver21 ~]# chroot /var/mnt/192.168.1.52 [root@devserver21 /]# host 127.0.0.1 1.0.0.127.in-addr.arpa domain name pointer localhost. [root@devserver21 /]# host localhost localhost has address 127.0.0.1 [root@devserver21 /]# host 192.168.1.67 67.1.168.192.in-addr.arpa domain name pointer host67.1.internal.pdinc.us. [root@devserver21 /]# host host67.1.internal.pdinc.us host67.1.internal.pdinc.us has address 192.168.1.67 [root@devserver21 /]# tail -n 0 -f /var/log/httpd/*_log & curl -sk https://67.90.184.203/index.html > /dev/null && sleep 15 && kill %1 [1] 14018 ==> /var/log/httpd/access_log <==
==> /var/log/httpd/error_log <==
==> /var/log/httpd/ssl_access_log <==
==> /var/log/httpd/ssl_error_log <==
==> /var/log/httpd/ssl_request_log <== [14/May/2011:19:17:17 -0400] 16.0.0.0 TLSv1 DHE-RSA-AES256-SHA "GET /index.html HTTP/1.1" 18 [root@devserver21 /]# [1]+ Terminated tail -n 0 -f /var/log/httpd/*_log [root@devserver21 /]#
--
-- Jason Pyeron PD Inc. http://www.pdinc.us -
- Principal Consultant 10 West 24th Street #100 -
- +1 (443) 269-1555 x333 Baltimore, Maryland 21218 -
--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos