FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 07-11-2012, 07:22 AM
Eric Viseur
 
Default Strange httpd problem

Hi,

I'm currently setting up an IP accouting machine using CentOS 6 and pmacct,
compiled from source. The machine has two network interfaces :
- a "normal" one, used for SSH remote administration and viewing the
accouting data through a webserver (eth0)
- a "monitor" one, plugged into a mirroring port of our switch and with
no IP address defined (eth1)

The accouting part works fine, but I'm getting problems with the webserver.
To ensure there are no interference with the monitor interface, I set
iptables to drop all the outbound traffic on eth1 and httpd in bound to the
IP address of eth0, but I randomly become unable to contact the webserver;
my browser tells me it couldn't contact it. The SSH access works fine and
the CPU and memory usage are OK (5% CPU and 10% memory, our network is
currently on low traffic).

Any clues why this is happening ?

Regards,
Eric Viseur
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-13-2012, 10:56 PM
Gordon Messmer
 
Default Strange httpd problem

On 07/11/2012 12:22 AM, Eric Viseur wrote:
> To ensure there are no interference with the monitor interface, I set
> iptables to drop all the outbound traffic on eth1 and httpd in bound to the
> IP address of eth0, but I randomly become unable to contact the webserver;
...
> Any clues why this is happening ?

Not off hand, but you could help by posting the configuration file
containing your rules instead of a vague description of it. There's not
really enough to go on yet.

Rules dropping outbound traffic on the un-numbered interface are
extraneous. If the kernel doesn't have an address on that interface, it
won't have any routes assigned to that interface either. Hence, no
traffic will be directed out of the un-numbered interface. If you list
your rules with "iptables -L -v" you'll see the packet counter on that
rule has 0 hits, because it's never used.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 11:32 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org