You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2008/05/07 22:35:42 UTC
DO NOT REPLY [Bug 44952] New: FIN packets change port with mod_proxy
https://issues.apache.org/bugzilla/show_bug.cgi?id=44952
Summary: FIN packets change port with mod_proxy
Product: Apache httpd-2
Version: 2.2.3
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_proxy
AssignedTo: bugs@httpd.apache.org
ReportedBy: scmoseman@gmail.com
CC: scmoseman@gmail.com
The problem is that when I'm going through the mod_proxy instance, the FIN
packets to close the TCP session get sent from a *different* source port than
the rest of the TCP transaction. Thus both hosts gets confused, packets are
dropped and I cannot complete a transaction (e.g. submit FORM data).
# cat /etc/redhat-release ; uname -ip
CentOS release 5 (Final)
i686 i386
# httpd -v
Server version: Apache/2.2.3
Server built: Jan 15 2008 20:33:30
Here's my test mod_proxy config...
<VirtualHost *>
ServerName scmoseman
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://remotehost:8000/path/
ProxyPassReverse / http://remotehost:8000/path/
<Location />
Order allow,deny
Allow from all
</Location>
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/path/(.*)
RewriteRule ^/path/(.*) /$1 [R]
</VirtualHost>
An example of the problem: When I attempt to login to the website, the entire
transaction is done through the source port 3965. When it comes time for the
FIN ACK to close the connection, it's going out on source port 4476.
remotehost asks for a RST, but since its on a different port its rejected. And
I'm unable to login to the website. (Just viewing the website in read-only
mode works fine.)
When I attempt the same thing directly using a local web browser and going to
the remotehost URL direct, the entire TCP connection uses a single source port
(including the FIN ACK session).
It does not matter if I use "remotehost" or "remotehost.domain.com" when
referencing the website. The problem exists either way.
Thanks,
Scott
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 44952] FIN packets change port with mod_proxy
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=44952
Ruediger Pluem <rp...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |NEEDINFO
--- Comment #1 from Ruediger Pluem <rp...@apache.org> 2008-05-07 13:50:03 PST ---
Please attach a network sniff (tcpdump) over a whole request cycle that shows
this problem.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 44952] FIN packets change port with mod_proxy
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=44952
Scott Moseman <sc...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEEDINFO |RESOLVED
Resolution| |INVALID
--- Comment #2 from Scott Moseman <sc...@gmail.com> 2008-05-08 13:44:45 PST ---
I'm closing the bug report. Pointing the proxy at a different FORM based auth
website worked fine. So there's something odd with my destination server that
I need to resolve.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org