DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=43667>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=43667 Summary: Invalid (network) source IP's are logged. Product: Apache httpd-2 Version: 2.0.52 Platform: PC OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: Core AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] We are running CentOS 4.5 (2.6.9-55.0.2.ELsmp / httpd-2.0.52-32.2.ent.centos4) using a somewhat complicated network stack (see ifconfig below). 2 NIC's are using tg3 driver which are bonded using the bonding driver, the 8021q driver is also providing a tagged interface on the bonded interface.. Everything functions normally however all requests from any source IP always get logged in apache using the same address which always ends in zero.. examples (130.65.159.0, 130.113.73.0). This address is persistant until apache is restarted then a different address is chosen. We have 6 servers setup this way all with different applications / workload all displaying the same symptom. I have tired using Listen parameter both with interface IP and 0.0.0.0:443 without success. Netstat and naturally tcpdump both show correct source IP for the requests. How does apache derive what goes into %h logging parameter? LMK if I can provide further information. Log example: 130.65.159.0 - - [21/Oct/2007:09:10:56 -0700] "GET / HTTP/1.1" 200 2760 "-" "Java/1.6.0" 130.65.159.0 - - [21/Oct/2007:09:10:56 -0700] "GET / HTTP/1.1" 200 2760 "-" "Java/1.6.0" 130.65.159.0 - - [21/Oct/2007:09:10:56 -0700] "GET / HTTP/1.1" 200 2760 "-" "Java/1.6.0" 130.65.159.0 - - [21/Oct/2007:09:11:08 -0700] "GET / HTTP/1.1" 200 2760 "-" "Java/1.5.0_11" #netstat -tanp | grep 443 | grep ESTA tcp 0 0 208.158.1.253:443 216.152.173.43:4459 ESTABLISHED 29916/httpd tcp 0 0 208.158.1.253:443 216.152.173.43:4476 ESTABLISHED 29922/httpd #ifconfig -a bond0 Link encap:Ethernet HWaddr 00:1A:A0:16:6F:C9 inet addr:192.168.255.68 Bcast:192.168.255.255 Mask:255.255.255.0 UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1 RX packets:434124526 errors:0 dropped:0 overruns:0 frame:0 TX packets:462568842 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:685862759 (654.0 MiB) TX bytes:3689179262 (3.4 GiB) bond0.158 Link encap:Ethernet HWaddr 00:1A:A0:16:6F:C9 inet addr:208.158.1.253 Bcast:208.158.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1 RX packets:429076385 errors:0 dropped:0 overruns:0 frame:0 TX packets:457738459 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:3390328017 (3.1 GiB) TX bytes:3640731689 (3.3 GiB) eth0 Link encap:Ethernet HWaddr 00:1A:A0:16:6F:C9 UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1 RX packets:412901942 errors:0 dropped:0 overruns:0 frame:0 TX packets:462568725 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:927142678 (884.1 MiB) TX bytes:3689171774 (3.4 GiB) Interrupt:185 eth1 Link encap:Ethernet HWaddr 00:1A:A0:16:6F:C9 UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1 RX packets:21222584 errors:0 dropped:0 overruns:0 frame:0 TX packets:117 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:4053687377 (3.7 GiB) TX bytes:7488 (7.3 KiB) Interrupt:193 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:119465388 errors:0 dropped:0 overruns:0 frame:0 TX packets:119465388 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:613059774 (584.6 MiB) TX bytes:613059774 (584.6 MiB) -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
