Return-Path: Delivered-To: apmail-incubator-couchdb-user-archive@locus.apache.org Received: (qmail 24706 invoked from network); 28 Apr 2008 22:05:55 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 28 Apr 2008 22:05:55 -0000 Received: (qmail 11809 invoked by uid 500); 28 Apr 2008 22:05:57 -0000 Delivered-To: apmail-incubator-couchdb-user-archive@incubator.apache.org Received: (qmail 11788 invoked by uid 500); 28 Apr 2008 22:05:57 -0000 Mailing-List: contact couchdb-user-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: couchdb-user@incubator.apache.org Delivered-To: mailing list couchdb-user@incubator.apache.org Received: (qmail 11775 invoked by uid 99); 28 Apr 2008 22:05:57 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 28 Apr 2008 15:05:57 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of paul.joseph.davis@gmail.com designates 74.125.46.155 as permitted sender) Received: from [74.125.46.155] (HELO yw-out-1718.google.com) (74.125.46.155) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 28 Apr 2008 22:05:03 +0000 Received: by yw-out-1718.google.com with SMTP id 5so461689ywm.0 for ; Mon, 28 Apr 2008 15:05:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=Mva5E93dYCBKWTMe0JZFE/VMQMjvEs93pFHaepmbVLg=; b=yCoDwEijpTJuwE3enJKlZd3YdoOCL4am6biTwgN4KRG3ZcJrb6DwuBugptVULkJ8KMnRJW9PYc32MYnHbbI1M1cpH2QmQzgZ/XRK/sltMt451tta5BMZXslv+pwTcpDY1ltIfwQYb63V3dVVm5BnvsL3a1UPWpCm41YuiebQaOk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Asa/Kj4CMOUtqiRxr5yFYBdeCWrPl71BOm8xPIU1QsbDOSrhFxNaMgTd3zhqwRA6RUKVeXPQkfSOvH9hB1hcF5qxougKCN3ALEPX4juj0FnpoozmiOMX6E+aRpElqJrv3NR4sXfXyo6SuzZHaD5KkHSjYSFv/zM3gK4jZkdqMvU= Received: by 10.150.69.5 with SMTP id r5mr2457892yba.98.1209420317145; Mon, 28 Apr 2008 15:05:17 -0700 (PDT) Received: by 10.150.147.9 with HTTP; Mon, 28 Apr 2008 15:05:17 -0700 (PDT) Message-ID: Date: Mon, 28 Apr 2008 18:05:17 -0400 From: "Paul Davis" To: couchdb-user@incubator.apache.org Subject: Re: firewall In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <3C127D68-D5DA-4D43-914E-23D25F735449@uci.edu> <7CA3D19E-8AB1-46A1-93F2-964BF723C9BB@uci.edu> X-Virus-Checked: Checked by ClamAV on apache.org I'd start by getting a tcpdump of the traffic to port 5984 on the couchdb machine. On Mon, Apr 28, 2008 at 5:59 PM, Tommy Chheng wrote: > Ok, previously I checked out from the google code source. > Still can't access from external and all iptables rules are turned off. > > I tried both > BindAddress=127.0.0.1 > > BindAddress=0.0.0.0 > > > There's no response from the outside. > couch 0.7.3a652071 (LogLevel=info) > Apache CouchDB is starting. > Apache CouchDB has started. Time to relax. > > Only when I access from the same machine do i get info from the couchdb > output: > [info] [<0.54.0>] 127.0.0.1 - - "GET /" 200 > > > Any thoughts in where to start to debug? > > - > Tommy > > > > On Apr 28, 2008, at 2:23 PM, Paul Davis wrote: > > > > I might also point out that judging from the version number you > > checked out of SVN before the move to apache. I'd check out a fresh > > copy from svn.apache.org and see if that fixes things. > > > > Paul > > > > On Mon, Apr 28, 2008 at 5:18 PM, Jan Lehnardt wrote: > > > > > With trunk you don't need the couch_httpd.ini anymore. It > > > was all merged into couch.ini > > > > > > Cheers > > > Jan > > > -- > > > > > > > > > On Apr 28, 2008, at 22:11, Tommy Chheng wrote: > > > > > > > > > > Apparently the httpd_conf is needed :( > > > > > > > > httpd_conf: Error while reading config file: httpd_conf: Cannot open > > > > > > > couch_httpd.conf > > > > > > > > > > > > > > > > > > > On Apr 28, 2008, at 12:04 PM, Paul Davis wrote: > > > > > > > > > > > > > > > > > On Mon, Apr 28, 2008 at 2:57 PM, Tommy Chheng > wrote: > > > > > > > > > > > > > > > > ok, I added the Port to the couch.ini and changed my > couch_http.conf > > > > > > > > > > > > > > > > > > to > > > > > > > > > > > > > > > > > > match Still no luck: > > > > > > my couch_http.conf file > > > > > > http://pastie.caboo.se/188195 > > > > > > > > > > > > I'm running nginx and mongrel for rails on this server.. I doubt > > > > > > > > > > > > > > > > > > these can > > > > > > > > > > > > > > > > > > be an issue since they aren't touching 5984 at all and no firewall > is > > > > > > > > > > > > > > > > > > on... > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Apr 28, 2008, at 11:38 AM, Paul Davis wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Mon, Apr 28, 2008 at 2:30 PM, Tommy Chheng > > > > > > > > > > > > > > > > > > > > > > > > > wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I added BindAddress so my couch.ini file looks like: > > > > > > > > http://pastie.caboo.se/188174 > > > > > > > > > > > > > > > > Still same problem. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Apr 28, 2008, at 11:22 AM, Paul Davis wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Mon, Apr 28, 2008 at 2:19 PM, Tommy Chheng > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Ok, so i just turned off the firewall temporary > > > > > > > > > > > > > > > > > > > > /sbin/iptables -L > > > > > > > > > > Chain INPUT (policy ACCEPT) > > > > > > > > > > target prot opt source destination > > > > > > > > > > > > > > > > > > > > Chain FORWARD (policy ACCEPT) > > > > > > > > > > > > > > > > > > > > target prot opt source destination > > > > > > > > > > > > > > > > > > > > Chain OUTPUT (policy ACCEPT) > > > > > > > > > > > > > > > > > > > > target prot opt source destination > > > > > > > > > > > > > > > > > > > > Chain RH-Firewall-1-INPUT (0 references) > > > > > > > > > > > > > > > > > > > > target prot opt source destination > > > > > > > > > > > > > > > > > > > > Still no response from outside. It's only working via > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > localhost:5984. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Any ideas how to debug this? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Apr 28, 2008, at 11:12 AM, Paul Davis wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > /sbin/iptables -A OUTPUT -p tcp -m tcp --dport 5984 -j > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ACCEPT > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Ohhhh. Heh. > > > > > > > > > > > > > > > > > > /usr/local/etc/couchdb/couch.ini > > > > > > > > > > > > > > > > > > Change "BindAddresss=127.0.0.1" to "BindAddress=0.0.0.0" > > > > > > > > > > > > > > > > > > Or your local static ip to only listen on that IP. > > > > > > > > > > > > > > > > > > Paul > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I don't see a port specified. I'd assume that's specified in > > > > > > > /usr/local/etc/couchdb/couch_httpd.conf. You might check if you > have > > > > > > > > > > > > > > > > > > > > > > > > > a > > > > > > > > > > > > > > > > > > > > > > > > > conflicting BindAddress in there as well. > > > > > > > > > > > > > > For reference, my couch.ini looks like this: > > > > > > > http://pastie.caboo.se/188178 > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The other servers are reachable from an external host, right? > > > > > > > > > > Try commenting out the HttpConf. I've never used that and don't have > > > > > much of an idea on what the side effects might be. Could it be that > > > > > having the BindAddress and Port specified multiple times is causing > > > > > issues? > > > > > > > > > > Paul > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >