I am going to move this thread to the apache users list, as there are no other applications having trouble in the chroot Apache is setting REMOTE_ADDR=16.0.0.0 for PHP and cgi scripts. Searching the web, I keep finding my own posts: http://www.gossamer-threads.com/lists/apache/users/388695 -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100 - - +1 (443) 269-1555 x333 Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00. > -----Original Message----- > From: centos-bounces at centos.org > [mailto:centos-bounces at centos.org] On Behalf Of Jason Pyeron > Sent: Saturday, May 14, 2011 19:18 > To: 'CentOS mailing list' > Subject: Re: [CentOS] Apache in chroot reporting every client > is 16.0.0.0 > > > -----Original Message----- > > From: centos-bounces at centos.org > > [mailto:centos-bounces at centos.org] On Behalf Of Robert Heller > > Sent: Saturday, May 14, 2011 19:02 > > To: CentOS mailing list > > Cc: 'CentOS mailing list' > > Subject: Re: [CentOS] Apache in chroot reporting every client is > > 16.0.0.0 > > > > At Sat, 14 May 2011 18:45:32 -0400 CentOS mailing list > > <centos at centos.org> wrote: > > > > > > > > > -----Original Message----- > > > > From: centos-bounces at centos.org > > > > [mailto:centos-bounces at centos.org] On Behalf Of Marian Marinov > > > > Sent: Saturday, May 14, 2011 16:06 > > > > To: CentOS mailing list > > > > Subject: Re: [CentOS] Apache in chroot reporting every > client is > > > > 16.0.0.0 > > > > > > > > On Saturday 14 May 2011 20:50:54 Jason Pyeron wrote: > > > > > Not sure where to start on this. I went to examine a log file > > > > > today and noticed a password protected internal file was being > > > > accessed from > > > > > 16.0.0.0. Upon further review every log entry has the > same IP. > > > > > Accessing apache from localhost also reports 16.0.0.0. > > > > > > > > > > Google is not being my friend right now, any advice? > > > > > > > > > > Kernel: 2.6.9-89.0.29.Elsmp > > > > > > > > > > In the chroot: > > > > > > > > > > httpd-suexec-2.0.52-41.ent.7.centos4 > > > > > httpd-devel-2.0.52-41.ent.7.centos4 > > > > > httpd-2.0.52-41.ent.7.centos4 > > > > > > > > > > -jason > > > > > > > > Check the resolv setup in the chroot. etc/resolv.conf, > etc/hosts, > > > > etc/nsswitch.conf > > > > > > Hosts are resolving and /etc/resolv.conf is good. > > > > > > Etc hosts and nsswitch are defaulted. > > > > Is this /etc/resolv.conf IN the chroot tree that httpd is > running in > > or in the real system root? Check etc/resolv.conf, etc/hosts, > > etc/nsswitch.conf, under the chroot tree that httpd is > running in, not > > /etc/resolv.conf. > > The previous post was for inside the chroot. > > [root at devserver21 ~]# chroot /var/mnt/192.168.1.52 > [root at devserver21 /]# host 127.0.0.1 > 1.0.0.127.in-addr.arpa domain name pointer localhost. > [root at devserver21 /]# host localhost > localhost has address 127.0.0.1 > [root at devserver21 /]# host 192.168.1.67 > 67.1.168.192.in-addr.arpa domain name pointer > host67.1.internal.pdinc.us. > [root at devserver21 /]# host host67.1.internal.pdinc.us > host67.1.internal.pdinc.us has address 192.168.1.67 > [root at devserver21 /]# tail -n 0 -f /var/log/httpd/*_log & > curl -sk https://67.90.184.203/index.html > /dev/null && sleep > 15 && kill %1 > [1] 14018 > ==> /var/log/httpd/access_log <== > > ==> /var/log/httpd/error_log <== > > ==> /var/log/httpd/ssl_access_log <== > > ==> /var/log/httpd/ssl_error_log <== > > ==> /var/log/httpd/ssl_request_log <== > [14/May/2011:19:17:17 -0400] 16.0.0.0 TLSv1 > DHE-RSA-AES256-SHA "GET /index.html HTTP/1.1" 18 > [root at devserver21 /]# > [1]+ Terminated tail -n 0 -f /var/log/httpd/*_log > [root at devserver21 /]# > > > > -- > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > - - > - Jason Pyeron PD Inc. http://www.pdinc.us - > - Principal Consultant 10 West 24th Street #100 - > - +1 (443) 269-1555 x333 Baltimore, Maryland 21218 - > - - > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > This message is copyright PD Inc, subject to license 20080407P00. > > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >