Hey Guys,
I see the following on the nginx server by going to
http://virtual_ip_on_ngix however, the cookie headers are never
passed to the clients browser. I can see the headers in the http proxy
header but my firefox browser never sees the cookies (i do see the
ookie with __utma* ones but not the cookie that is GCD, PHPSESSID,
SESSIOn2)
any ideas? topology is : client --> virtual ip on nginx proxy -->
proxy_pass to origin -->
Log file:
2009/09/17 17:01:08 [debug] 4087#0: *192 http script copy: "Connection: close
"
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy header:
"User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US;
rv:1.9.0.14) Gecko/2009082706 Firefox/3.0.14"
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy header: "Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy header:
"Accept-Language: en-us,en;q=0.5"
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy header:
"Accept-Encoding: gzip,deflate"
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy header:
"Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7"
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy header: "Cookie:
payam; __utma=182747233.1236263871.1253228942.1253228942.1253231200.2;
__utmc=182747233;
__utmz=182747233.1253228942.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none);
__utmb=182747233.4.10.1253231200; GCD=Z6SV699O;
PHPSESSID=fa4326f19f65c889ee383a879a410116;
session2=59e5538b72f46538f80cf8521b3dc014"
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy header:
"GET / HTTP/1.0
Host: 69.172.200.17
X-Real-IP: 70.68.178.133
X-Forwarded-For: 70.68.178.133
Connection: close
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US;
rv:1.9.0.14) Gecko/2009082706 Firefox/3.0.14
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Cookie: payam; __utma=182747233.1236263871.1253228942.1253228942.1253231200.2;
__utmc=182747233;
__utmz=182747233.1253228942.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none);
__utmb=182747233.4.10.1253231200; GCD=Z6SV699O;
PHPSESSID=fa4326f19f65c889ee383a879a410116;
session2=59e5538b72f46538f80cf8521b3dc014
"
2009/09/17 17:01:08 [debug] 4087#0: *192 http cleanup add: 094FED34
2009/09/17 17:01:08 [debug] 4087#0: *192 get rr peer, try: 1
2009/09/17 17:01:08 [debug] 4087#0: *192 socket 76
2009/09/17 17:01:08 [debug] 4087#0: *192 epoll add connection: fd:76 ev:80000005
2009/09/17 17:01:08 [debug] 4087#0: *192 connect to 174.143.25.223:80,
fd:76 #2021
2009/09/17 17:01:08 [debug] 4087#0: *192 http upstream connect: -2
2009/09/17 17:01:08 [debug] 4087#0: *192 event timer add: 76: 300000:3396885177
2009/09/17 17:01:08 [debug] 4087#0: *192 http run request: "/?"
2009/09/17 17:01:08 [debug] 4087#0: *192 http upstream check client,
write event:1, "/"
2009/09/17 17:01:08 [debug] 4087#0: *192 http upstream recv(): -1 (11:
Resource temporarily unavailable)
2009/09/17 17:01:08 [debug] 4087#0: *192 http upstream request: "/?"
2009/09/17 17:01:08 [debug] 4087#0: *192 http upstream send request handler
2009/09/17 17:01:08 [debug] 4087#0: *192 http upstream send request
2009/09/17 17:01:08 [debug] 4087#0: *192 chain writer buf fl:1 s:725
2009/09/17 17:01:08 [debug] 4087#0: *192 chain writer in: 094FED50
2009/09/17 17:01:08 [debug] 4087#0: *192 writev: 725
2009/09/17 17:01:08 [debug] 4087#0: *192 chain writer out: 00000000
2009/09/17 17:01:08 [debug] 4087#0: *192 event timer del: 76: 3396885177
2009/09/17 17:01:08 [debug] 4087#0: *192 event timer add: 76: 300000:3396885218
==> /var/log/nginx/69.172.200.17_ypf_http_thathostingplace_www.gametimezone.com.access.log
<==
70.68.178.133 - - [17/Sep/2009:17:01:08 -0700] "GET / HTTP/1.1" "200"
5524 "-""Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US;
rv:1.9.0.14) Gecko/2009082706 Firefox/3.0.14" "-"
==> /var/log/nginx/69.172.200.17_ypf_http_thathostingplace_www.gametimezone.com.error.log
<==
2009/09/17 17:01:08 [debug] 4087#0: *192 http upstream request: "/?"
2009/09/17 17:01:08 [debug] 4087#0: *192 http upstream process header
2009/09/17 17:01:08 [debug] 4087#0: *192 malloc: 096D3150:16384
2009/09/17 17:01:08 [debug] 4087#0: *192 recv: fd:76 1448 of 16339
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy status 200 "200 OK"
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy header: "Date:
Thu, 17 Sep 2009 23:58:44 GMT"
2009/09/17 17:01:08 [debug] 4087#0: *192 malloc: 09506628:4096
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy header: "Server:
Apache/2.2.3 (Debian) PHP/5.2.0-8+etch15 mod_ssl/2.2.3 OpenSSL/0.9.8c
mod_perl/2.0.2 Perl/v5.8.8"
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy header:
"X-Powered-By: PHP/5.2.0-8+etch15"
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy header:
"Set-Cookie: GCD=Z6SV699O; expires=Mon, 16-Nov-2009 23:58:44 GMT;
path=/"
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy header: "Expires:
Sat, 26 Jul 1997 05:00:00 GMT"
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy header:
"Cache-Control: no-cache, must-revalidate"
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy header: "Pragma: no-cache"
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy header: "Connection: close"
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy header:
"Content-Type: text/html; charset=UTF-8"
2009/09/17 17:01:08 [debug] 4087#0: *192 http proxy header done
2009/09/17 17:01:08 [debug] 4087#0: *192 HTTP/1.1 200 OK
Server: nginx/0.7.54
Date: Fri, 18 Sep 2009 00:01:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.2.0-8+etch15
Set-Cookie: GCD=Z6SV699O; expires=Mon, 16-Nov-2009 23:58:44 GMT; path=/
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
If i go to http://origin_ip_server all proper cookies are applied to
the header and cilent side can see all cookies
nginx.conf
http {
include proxy.conf;
include mime.types;
include cache.conf;
include rate-limit.conf;
include con-limit.conf;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'"$status" $body_bytes_sent "$http_referer"'
'"$http_user_agent" "$http_x_forwarded_for"';
include /etc/nginx/sites-enabled/conf/*.conf;
include /etc/nginx/servers/*http_server.conf;
sendfile on;
tcp_nodelay off;
keepalive_timeout 300;
send_timeout 90;
client_body_timeout 60;
client_header_timeout 60;
client_header_buffer_size 1k;
large_client_header_buffers 4 4k;
proxy.conf
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
proxy_buffer_size 16k;
proxy_buffers 32 4k;
proxy_busy_buffers_size 64k;
any help would greatly be appreciated as I cant not locate the issue
at this point
--
Payam Tarverdyan Chychi
Network Security Specialist / Network Engineer
