Re: Apache error log problem

From: carlo flores <carlo#petalphile.com>
Date: Thu, 7 Apr 2011 14:42:18 -0700


Hey Greg. You're welcome!

Only for clarity, rpaf is enabled?

l:~# a2enmod rpaf
Module rpaf already enabled
l:~# ls /etc/apache2/mods-enabled |grep rpaf rpaf.conf
rpaf.load

Also for clarity, that RPAFproxy_ips have to match the proxy host (HAProxy). For example, check out what happens when I change the ip here. (HAProxy is on localhost/127.0.0.1 on this test box):

l:~# vim /etc/apache2/mods-enabled/rpaf.conf l:~# cat /etc/apache2/mods-enabled/rpaf.conf <IfModule mod_rpaf.c>
RPAFenable On
RPAFsethostname On
RPAFproxy_ips 127.0.0.2
</IfModule>
l:~# /etc/init.d/apache2 restart
Restarting web server: apache2
 ... waiting apache2:
l:~# tail -f /var/log/apache2/error.log

[Thu Apr 07 13:33:35 2011] [error] [client 77.211.205.178] File does not exist: /var/www/res/]||!o.support.htmlSerialize&&[1, [Thu Apr 07 13:34:59 2011] [error] [client 93.158.148.31] File does not exist: /var/www/drop_calc_v2/robots.txt [Thu Apr 07 14:37:14 2011] [notice] caught SIGTERM, shutting down [Thu Apr 07 14:37:15 2011] [notice] Apache/2.2.17 (Debian) PHP/5.3.6-7 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.1 configured -- resuming normal operations
# after restart with wrong proxyip...
[Thu Apr 07 14:37:50 2011] [error] [client 127.0.0.1] File does not exist: /var/www/ei/asdasd

Elsewise, rpaf won't go through the trouble of finding the last X-Forwarded-For header.

On Thu, Apr 7, 2011 at 1:51 PM, Greg Connolly <greg#dmcontact.com> wrote:
> Thanks for the quick reply, all that you pointed out is in place but this no joy.
>
>
> # dpkg -l | grep -i rpaf
> ii  libapache2-mod-rpaf                 0.5-3                      module for Apache2 which takes the last IP from the 'X-Forward
> # cat /etc/apache2/mods-available/rpaf.conf
> <IfModule mod_rpaf.c>
> RPAFenable On
> RPAFsethostname On
> RPAFproxy_ips 127.0.0.1
> </IfModule>
>
> # tail /vat/log/apache/error.log
> [Thu Apr 07 13:45:21 2011] [error] [client my.proxy.ip] File does not exist:  /var/www/asdasdsadasdasdsad
>
> Any more ideas? B^>
>
> Thanks Greg
>
> -----Original Message-----
> From: carlo flores [mailto:carlo#petalphile.com]
> Sent: Thursday, April 07, 2011 12:27 PM
> To: Greg Connolly
> Subject: Re: Apache error log problem
>
> We've been aggravated by this as well: LogFormat seemingly only works on access logs and not error log.  Is it possible to install mod-rpaf?
>  This is in Debian stable (libapache2-mod-rpaf), as a for-example of its availability, and after stating the Proxy's IP will grab the X-Forwarded-For.
>
> l:/etc/apache2# dpkg -l |grep -i rpaf
> ii  libapache2-mod-rpaf              0.5-3
> module for Apache2 which takes the last IP from the 'X-Forwarded-For'
> header
> l:/etc/apache2# cat mods-enabled/rpaf.conf <IfModule mod_rpaf.c> RPAFenable On RPAFsethostname On RPAFproxy_ips 127.0.0.1 </IfModule> l:/etc/apache2# tail -1 /var/log/apache2/error.log [Thu Apr 07 12:25:55 2011] [error] [client my.re.al.ip] File does not
> exist: /var/www/asdasdsadasdasdsad
>
>
>
> On Thu, Apr 7, 2011 at 11:44 AM, Greg Connolly <greg#dmcontact.com> wrote:
>> I’m having an issue getting the apache error logs to receive the
>> client ip’s. the proxy ip is the only one showing up. I have the
>> apache access log working using the forward-for but not the error
>> logs. Can anyone shed most light in this issue? Here is the current configuration.
>>
>>
>>
>> Apache2.conf
>>
>>
>>
>> LogFormat "%v:%p %{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\"
>> \"%{User-Agent}i\"" vhost_combined
>>
>> LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\"
>> \"%{User-Agent}i\"" combined
>>
>> LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common
>>
>> LogFormat "%{Referer}i -> %U" referer
>>
>> LogFormat "%{User-agent}i" agent
>>
>>
>>
>> Haproxy.cfg
>>
>>
>>
>> listen Test01 10.1.8.52:80
>>
>>        mode http
>>
>>        maxconn     1000
>>
>>        balance roundrobin
>>
>>        cookie JSESSIONID prefix
>>
>>        option httplog
>>
>>        option httpclose
>>
>>        option forwardfor except 10.0.0.0/16
>>
>>        option httpchk HEAD /haproxy_check.txt HTTP/1.0
>>
>>        stick-table type ip size 200k expire 18m
>>
>>        stick on src
>>
>>        server 10.1.109.52 10.1.109.52:80 weight 60 cookie B check
>>
>>        server 10.1.108.52 10.1.108.52:80 weight 40 cookie A check
>>
>>
>>
>> Thanks Greg
>
>
Received on 2011/04/07 23:42

This archive was generated by hypermail 2.2.0 : 2011/04/07 23:45 CEST