From owner-freebsd-questions Wed Dec 25 16:35:24 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7EF9437B401 for ; Wed, 25 Dec 2002 16:35:22 -0800 (PST) Received: from smtpauth2-ext.prodigy.net (smtpauth2-ext.prodigy.net [207.115.63.116]) by mx1.FreeBSD.org (Postfix) with ESMTP id A69F843EA9 for ; Wed, 25 Dec 2002 16:35:21 -0800 (PST) (envelope-from jimit@myrealbox.com) Received: from hawk (crtntx1-ar1-4-60-243-201.crtntx1.dsl-verizon.net [4.60.243.201]) (authenticated) by smtpauth2-ext.prodigy.net (8.11.0/8.11.0) with ESMTP id gBQ0ZGp158598; Wed, 25 Dec 2002 19:35:17 -0500 From: "Jimi Thompson" To: , Subject: RE: Refusing Connections Date: Wed, 25 Dec 2002 18:36:13 -0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Bernardo & Et. AL, Thank you to those of you have generously offered me your assistance. I grew frustrated, gave up and formatted the drive and reinstalled with a slightly newer version of FreeBSD, which seems to have solved the problem. I was never able to determine the root cause of the issue. I suspect that it was something in the OS causing a proxy effect to port 8080. I still have no idea why this happened. The only thing that was on this box is the OS, Perl, OpenSSL, OpenSSH, and Apache. I was able to determine from port scanning the box internally that the httpd process was running, but not allowing any network connections. I know that my ISP is not the issue because I have a web interface on my mail servers which operates initially on port 80 and that was not blocked. The firewall on the box was disabled. The httpd.conf that I was using is now in use running the current build. For informational purposes, in case someone else should encounter this issue, I will repost some things. The netstat that I did looked like this: netstat -an -finet -ptcp > Active Internet connections (including servers) > Proto Recv-Q Send-Q Local Address Foreign Address (state) > tcp4 0 0 4.60.243.40.22 4.60.243.201.1277 > ESTABLISHED > tcp4 0 0 *.8021 *.* LISTEN > tcp4 0 0 *.8080 *.* LISTEN > tcp4 0 0 *.587 *.* LISTEN > tcp4 0 0 *.25 *.* LISTEN > tcp4 0 0 4.60.243.40.22 *.* LISTEN This was the ONLY thing in the error log. [Sat Dec 21 23:48:19 2002] [notice] caught SIGTERM, shutting down > > [Sat Dec 21 23:48:25 2002] [warn] RSA server certificate CommonName (CN) > `web1' does NOT match server name!? > [Sat Dec 21 23:48:28 2002] [warn] RSA server certificate CommonName (CN) > `web1' does NOT match server name!? > [Sat Dec 21 23:48:28 2002] [notice] Apache/2.0.43 (Unix) mod_ssl/2.0.43 > OpenSSL/0.9.6g configured -- resuming > normal operations Note that "top", etc. showed the httpd process running. However, it remained idle even when I was attempting to make a connection to the box. Apparently the connection request wasn't making it through the TCP/IP stack and reaching the httpd process. Why this was happening, I have no idea. Maybe we were hacked??? Thanks, Ms. Jimi Thompson Those who are too smart to engage in politics are punished by being governed by those who are dumber. - Plato To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message