problem viewing webserver pages

Hi, My original question is in the Web Development Software section under Apache with the same title as above.  I initially thought it was an Apache problem but it may be more a linux problem.  

The first person who can help me with the problem will get all the points from both posts.
rlivingsAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
ahoffmannConnect With a Mentor Commented:
to narrow down the amount of output, use something like:

  tcpdump -l -n -i eth0 port 80 and port 443

Then test with a client that works, you should see:
     client-ip.high-port > server-ip.80 S ...
     server-ip.80 > client-ip.high-port P ..

and so on (Just printed the important parts of output)
Then try the same with a client not working and post the messages you see here (feel free to substitute your IPs)
0
 
The--CaptainCommented:
For those as lazy as rlivings:

http://www.experts-exchange.com/jsp/qShow.jsp?ta=apache&qid=20304133

The solution is simple - turn off iptables, and watch for expected traffic w/ tcpdump - if you don't see any traffic, you've managed to annoy the security manager portion of Java (your network setting changed somehow when you upgraded) - if you *do* see traffic, then you know where to look...

Cheers,
-Jon
0
 
ahoffmannCommented:
ok, this is a linux TA, should we continue with network analyzing here (leaving other comments in the original question beside), or should it be just a link to the original question (see Jon's link)?

I also suggest to start with tcpdump on the webserver.
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
The--CaptainCommented:
If it's not a zero-pointer, comments here are welcome as well, IMO.

Cheers,
-Jon
0
 
rlivingsAuthor Commented:
I wasn't sure if the post would parse html tags or not but since the Captain explained that.... now I know :p

I will try this tomorrow since I need to study for an exam today.

thank.
0
 
The--CaptainCommented:
hehe - I was joking about the laziness (since I am the king of lazy).  It's what makes us good experts (remember, Larry Wall (author of Perl) includes laziness in his top three programming virtues [along with hubris hehe]).

Let us know how it goes w/ tcpdump...

Cheers,
-Jon
0
 
rlivingsAuthor Commented:
hey The--Captain, I'm not quite sure how to read tcpdump nor where I'm supposed to read.  I had to do a control-c during the tcpdump output to stop it.  Here is something that was displayed:

14:03:03.785935 uhunix2.its.hawaii.edu.ssh > 128.171.45.220.1147: . 715624:716728(1104) ack 5601 win 24820 (DF)
14:03:03.786420 uhunix2.its.hawaii.edu.ssh > 128.171.45.220.1147: P 716728:717280(552) ack 5601 win 24820 (DF)
14:03:03.787384 uhunix2.its.hawaii.edu.ssh > 128.171.45.220.1147: . 717280:718384(1104) ack 5641 win 24820 (DF)
14:03:03.787873 uhunix2.its.hawaii.edu.ssh > 128.171.45.220.1147: P 718384:718936(552) ack 5641 win 24820 (DF)
 

128.171.45.220 is one of the machines I'm trying to use to access the server.
0
 
rlivingsAuthor Commented:
just realized that the machines on the LAN can't access the webserver and vice-versa
0
 
ahoffmannCommented:
use tcpdump like this:

  tcpdump -l -n -i eth0 not port ssh

where eth0 is the interface where you expect your webserver
0
 
rlivingsAuthor Commented:
ahoffman, I see a bunch of output that seems to run infinitely.  Is there something that I should be looking for??
0
 
rlivingsAuthor Commented:
this is my output when I connect to my server via a remote location

ex.my local computer -> remote server -> my local webserver

13:55:12.502128 128.171.45.220.1939 > 128.171.44.7.ssh: P 334934173:334934213(40) ack 3181176822 win 17344 (DF)
13:55:12.515302 128.171.44.7.ssh > 128.171.45.220.1939: P 1:41(40) ack 40 win 24820 (DF)
13:55:12.572020 128.171.44.7.39289 > 128.171.45.31.ssh: S 243095616:243095616(0)win 24820 <nop,nop,sackOK,mss 1460> (DF)
13:55:12.575895 128.171.45.31.ssh > 128.171.44.7.39289: S 2321827900:2321827900(0) ack 243095617 win 5840 <mss 1460,nop,nop,sackOK> (DF)

--------------------
here is my output when I try to connect directly to my webserver.


ex.my local computer -> my local webserver

13:43:22.173363 128.171.45.220.1955 > 128.171.45.31.ssh: S 503416547:503416547(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
13:43:25.169221 128.171.45.220.1955 > 128.171.45.31.ssh: S 503416547:503416547(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
13:43:31.188313 128.171.45.220.1955 > 128.171.45.31.ssh: S 503416547:503416547(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
13:43:43.227092 128.171.45.220.1955 > 128.171.45.31.ssh: S 508725217:508725217(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
0
 
ahoffmannCommented:
ou did not use my suggested command 'cause it still reports the ssh port
Also You should connect with your browser, so you have to see http or https as port.
0
 
rlivingsAuthor Commented:
ahoffman, there are multiple problems here.  I don't just have problems viewing http and https.  If all the problems are one and the same shouldn't the tcpdump for when I ssh into the machine give similar incorrect output??

Anyway I decided to give up on this problem.  Thanks for all the help ahoffmann, I don't think this idea of back and forth answering will help me due to time constraints.  My impression is that the attempt to solve this problem will go on for quite a bit longer and I will probably still not have the answer I need.

I am going to do a clean installation.
0
 
ahoffmannCommented:
hope it helped anyway, feel free to come back for answers
Thanks.
0
 
The--CaptainCommented:
>shouldn't the tcpdump for when I ssh into the machine
>give similar incorrect output??

Not if your problems are limited to http/https...

Please try:

tcpdump -l -n '!port 22'

or

tcpdump -l -n | grep -v ssh

and don't forget the single quotes in the first example.

Cheers,
-Jon

0
 
The--CaptainCommented:
Please don't give up on tcpdump prematurely - it can and will solve your packet delivery problems 99% of the time, if you know how to use it correctly...

Cheersm
-Jon

0
 
The--CaptainCommented:
Dmaned comma is right next to the M key - should be:

Cheers,
-Jon
0
 
The--CaptainCommented:
But I have no excuse for spelling "damned" incorrectly
0
 
ahoffmannCommented:
'!port ssh'  ==  not port ssh
;-)

but I suggested:
   tcpdump -l -n -i eth0 port 80 and port 443
which does not list ssh connections
If it does not list anything, there is no activity on port 80 or 443.
0
 
The--CaptainCommented:
Quite correct - I mainly just wanted to see any other traffic oddments if they existed (might also reveal DNS problems).

Cheers,
-Jon
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.