couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Paul Davis" <paul.joseph.da...@gmail.com>
Subject Re: firewall
Date Mon, 28 Apr 2008 22:05:17 GMT
I'd start by getting a tcpdump of the traffic to port 5984 on the
couchdb machine.

On Mon, Apr 28, 2008 at 5:59 PM, Tommy Chheng <tchheng@uci.edu> wrote:
> Ok, previously I checked out from the google code source.
>  Still can't access from external and all iptables rules are turned off.
>
>  I tried both
>  BindAddress=127.0.0.1
>
>  BindAddress=0.0.0.0
>
>
>  There's no response from the outside.
>  couch 0.7.3a652071 (LogLevel=info)
>  Apache CouchDB is starting.
>  Apache CouchDB has started. Time to relax.
>
>  Only when I access from the same machine do i get info from the couchdb
> output:
>  [info] [<0.54.0>] 127.0.0.1 - - "GET /" 200
>
>
>  Any thoughts in where to start to debug?
>
>  -
>  Tommy
>
>
>
>  On Apr 28, 2008, at 2:23 PM, Paul Davis wrote:
>
>
> > I might also point out that judging from the version number you
> > checked out of SVN before the move to apache. I'd check out a fresh
> > copy from svn.apache.org and see if that fixes things.
> >
> > Paul
> >
> > On Mon, Apr 28, 2008 at 5:18 PM, Jan Lehnardt <jan@apache.org> wrote:
> >
> > > With trunk you don't need the couch_httpd.ini anymore. It
> > > was all merged into couch.ini
> > >
> > > Cheers
> > > Jan
> > > --
> > >
> > >
> > > On Apr 28, 2008, at 22:11, Tommy Chheng wrote:
> > >
> > >
> > > > Apparently the httpd_conf is needed :(
> > > >
> > > > httpd_conf: Error while reading config file: httpd_conf: Cannot open
> > > >
> > > couch_httpd.conf
> > >
> > > >
> > > >
> > > >
> > > > On Apr 28, 2008, at 12:04 PM, Paul Davis wrote:
> > > >
> > > >
> > > >
> > > > > On Mon, Apr 28, 2008 at 2:57 PM, Tommy Chheng <tchheng@uci.edu>
> wrote:
> > > > >
> > > > >
> > > > > > ok,  I added the Port to the couch.ini and changed my
> couch_http.conf
> > > > > >
> > > > >
> > > >
> > > to
> > >
> > > >
> > > > >
> > > > > > match Still no luck:
> > > > > > my couch_http.conf file
> > > > > > http://pastie.caboo.se/188195
> > > > > >
> > > > > > I'm running nginx and mongrel for rails on this server..  I
doubt
> > > > > >
> > > > >
> > > >
> > > these can
> > >
> > > >
> > > > >
> > > > > > be an issue since they aren't touching 5984 at all and no firewall
> is
> > > > > >
> > > > >
> > > >
> > > on...
> > >
> > > >
> > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > On Apr 28, 2008, at 11:38 AM, Paul Davis wrote:
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > > On Mon, Apr 28, 2008 at 2:30 PM, Tommy Chheng <tchheng@uci.edu>
> > > > > > >
> > > > > >
> > > > >
> > > >
> > > wrote:
> > >
> > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > > I added BindAddress so my couch.ini file looks like:
> > > > > > > > http://pastie.caboo.se/188174
> > > > > > > >
> > > > > > > > Still same problem.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > On Apr 28, 2008, at 11:22 AM, Paul Davis wrote:
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > > On Mon, Apr 28, 2008 at 2:19 PM, Tommy Chheng
> <tchheng@uci.edu>
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > > wrote:
> > >
> > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > > Ok, so i just turned off the firewall temporary
> > > > > > > > > >
> > > > > > > > > > /sbin/iptables -L
> > > > > > > > > > Chain INPUT (policy ACCEPT)
> > > > > > > > > > target     prot opt source             
 destination
> > > > > > > > > >
> > > > > > > > > > Chain FORWARD (policy ACCEPT)
> > > > > > > > > >
> > > > > > > > > > target     prot opt source             
 destination
> > > > > > > > > >
> > > > > > > > > > Chain OUTPUT (policy ACCEPT)
> > > > > > > > > >
> > > > > > > > > > target     prot opt source             
 destination
> > > > > > > > > >
> > > > > > > > > > Chain RH-Firewall-1-INPUT (0 references)
> > > > > > > > > >
> > > > > > > > > > target     prot opt source             
 destination
> > > > > > > > > >
> > > > > > > > > > Still no response from outside. It's only
working via
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > > localhost:5984.
> > > > > >
> > > > > >
> > > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Any ideas how to debug this?
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > On Apr 28, 2008, at 11:12 AM, Paul Davis
wrote:
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > /sbin/iptables -A OUTPUT -p tcp
-m tcp --dport 5984 -j
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > > ACCEPT
> > >
> > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > > Ohhhh. Heh.
> > > > > > > > >
> > > > > > > > > /usr/local/etc/couchdb/couch.ini
> > > > > > > > >
> > > > > > > > > Change "BindAddresss=127.0.0.1" to "BindAddress=0.0.0.0"
> > > > > > > > >
> > > > > > > > > Or your local static ip to only listen on that
IP.
> > > > > > > > >
> > > > > > > > > Paul
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > > I don't see a port specified. I'd assume that's specified
in
> > > > > > > /usr/local/etc/couchdb/couch_httpd.conf. You might check
if you
> have
> > > > > > >
> > > > > >
> > > > >
> > > >
> > > a
> > >
> > > >
> > > > >
> > > > > >
> > > > > > > conflicting BindAddress in there as well.
> > > > > > >
> > > > > > > For reference, my couch.ini looks like this:
> > > > > > > http://pastie.caboo.se/188178
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > > The other servers are reachable from an external host, right?
> > > > >
> > > > > Try commenting out the HttpConf. I've never used that and don't have
> > > > > much of an idea on what the side effects might be. Could it be that
> > > > > having the BindAddress and Port specified multiple times is causing
> > > > > issues?
> > > > >
> > > > > Paul
> > > > >
> > > > >
> > > > >
> > > >
> > > >
> > > >
> > > >
> > >
> > >
> > >
> >
> >
>
>

Mime
View raw message