[CentOS] Apache in chroot reporting every client is 16.0.0.0

Sun May 15 14:43:59 UTC 2011
Jason Pyeron <jpyeron at pdinc.us>

I am going to move this thread to the apache users list, as there are no other
applications having trouble in the chroot

Apache is setting REMOTE_ADDR=16.0.0.0 for PHP and cgi scripts.

Searching the web, I keep finding my own posts:
http://www.gossamer-threads.com/lists/apache/users/388695


--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                      PD Inc. http://www.pdinc.us -
- Principal Consultant              10 West 24th Street #100    -
- +1 (443) 269-1555 x333            Baltimore, Maryland 21218   -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This message is copyright PD Inc, subject to license 20080407P00.

 

> -----Original Message-----
> From: centos-bounces at centos.org 
> [mailto:centos-bounces at centos.org] On Behalf Of Jason Pyeron
> Sent: Saturday, May 14, 2011 19:18
> To: 'CentOS mailing list'
> Subject: Re: [CentOS] Apache in chroot reporting every client 
> is 16.0.0.0
> 
> > -----Original Message-----
> > From: centos-bounces at centos.org
> > [mailto:centos-bounces at centos.org] On Behalf Of Robert Heller
> > Sent: Saturday, May 14, 2011 19:02
> > To: CentOS mailing list
> > Cc: 'CentOS mailing list'
> > Subject: Re: [CentOS] Apache in chroot reporting every client is 
> > 16.0.0.0
> > 
> > At Sat, 14 May 2011 18:45:32 -0400 CentOS mailing list 
> > <centos at centos.org> wrote:
> > 
> > > 
> > > > -----Original Message-----
> > > > From: centos-bounces at centos.org
> > > > [mailto:centos-bounces at centos.org] On Behalf Of Marian Marinov
> > > > Sent: Saturday, May 14, 2011 16:06
> > > > To: CentOS mailing list
> > > > Subject: Re: [CentOS] Apache in chroot reporting every 
> client is 
> > > > 16.0.0.0
> > > > 
> > > > On Saturday 14 May 2011 20:50:54 Jason Pyeron wrote:
> > > > > Not sure where to start on this. I went to examine a log file 
> > > > > today and noticed a password protected internal file was being
> > > > accessed from
> > > > > 16.0.0.0. Upon further review every log entry has the 
> same IP. 
> > > > > Accessing apache from localhost also reports 16.0.0.0.
> > > > > 
> > > > > Google is not being my friend right now, any advice?
> > > > > 
> > > > > Kernel: 2.6.9-89.0.29.Elsmp
> > > > > 
> > > > > In the chroot:
> > > > > 
> > > > > httpd-suexec-2.0.52-41.ent.7.centos4
> > > > > httpd-devel-2.0.52-41.ent.7.centos4
> > > > > httpd-2.0.52-41.ent.7.centos4
> > > > > 
> > > > > -jason
> > > > 
> > > > Check the resolv setup in the chroot. etc/resolv.conf, 
> etc/hosts, 
> > > > etc/nsswitch.conf
> > > 
> > > Hosts are resolving and /etc/resolv.conf is good. 
> > > 
> > > Etc hosts and nsswitch are defaulted.
> > 
> > Is this /etc/resolv.conf IN the chroot tree that httpd is 
> running in 
> > or in the real system root?  Check etc/resolv.conf, etc/hosts, 
> > etc/nsswitch.conf, under the chroot tree that httpd is 
> running in, not 
> > /etc/resolv.conf.
> 
> The previous post was for inside the chroot.
> 
> [root at devserver21 ~]# chroot /var/mnt/192.168.1.52
> [root at devserver21 /]# host 127.0.0.1
> 1.0.0.127.in-addr.arpa domain name pointer localhost.
> [root at devserver21 /]# host localhost
> localhost has address 127.0.0.1
> [root at devserver21 /]# host 192.168.1.67
> 67.1.168.192.in-addr.arpa domain name pointer 
> host67.1.internal.pdinc.us.
> [root at devserver21 /]# host host67.1.internal.pdinc.us 
> host67.1.internal.pdinc.us has address 192.168.1.67
> [root at devserver21 /]# tail -n 0 -f /var/log/httpd/*_log & 
> curl -sk https://67.90.184.203/index.html > /dev/null && sleep
> 15 && kill %1
> [1] 14018
> ==> /var/log/httpd/access_log <==
> 
> ==> /var/log/httpd/error_log <==
> 
> ==> /var/log/httpd/ssl_access_log <==
> 
> ==> /var/log/httpd/ssl_error_log <==
> 
> ==> /var/log/httpd/ssl_request_log <==
> [14/May/2011:19:17:17 -0400] 16.0.0.0 TLSv1 
> DHE-RSA-AES256-SHA "GET /index.html HTTP/1.1" 18
> [root at devserver21 /]#
> [1]+  Terminated              tail -n 0 -f /var/log/httpd/*_log
> [root at devserver21 /]#
> 
> 
> 
> --
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> -                                                               -
> - Jason Pyeron                      PD Inc. http://www.pdinc.us -
> - Principal Consultant              10 West 24th Street #100    -
> - +1 (443) 269-1555 x333            Baltimore, Maryland 21218   -
> -                                                               -
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> This message is copyright PD Inc, subject to license 20080407P00.
> 
>  
> 
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>