- Original Message -
From: "David" <[EMAIL PROTECTED]>
To:
Sent: Thursday, February 24, 2005 11:29 PM
Subject: Re: [toaster] Qmailadmin errors
> Thanks guys...
>
> - Original Message -
> From: "Tom Collins" <[EMAIL PROTECTED]>
> To:
> Sent: Thursday, February 24, 2005 5:23 AM
> Subject: Re: [toaster] Qmailadmin errors
>
>
> > On Feb 23, 2005, at 10:42 AM, Bill Shupp wrote:
> > >> File error 6 (192.168.0.10, != 192.168.0.10 ..
> > >> ip_addr=192.168.0.10&returntext=&returnhttp= )
> > >
> > > Try using --disable-ipauth. I don't know why this started happening
> > > out of the blue, though.
> >
> > It's very odd. It's like the web server is setting REMOTE_ADDR to
> > include both the private and public IP of the machine accessing the
> > page. I'm not sure how it could even get the private IP in the first
> > place...
>
> That confuses me too; but I have seen a few websites able to return the
> private IP of my PC.
>
> > The cryptic "File error 6" is a security thing to prevent someone from
> > hijacking your session. If your IP address changes during your
> > QmailAdmin session, it will bail with that error.
>
> Ah, cool.
>
> > Bill has the correct solution, --disable-ipauth in the configuration
> > options.
>
> OK, thanks - I will do if it comes to that!
>
> > This might be interesting -- try running this simple perl script as a
> > cgi and see what it reports:
> >
> > #!/usr/bin/perl
> >
> > print "Content-type: text/plain\n\n";
> >
> > foreach (sort keys %ENV) {
> > print "$_ is $ENV{$_}\n";
> > }
>
> Here are my edited results (sorry did the removing public IP/domain names
> thing:)
>
> --
--
>
>
> DOCUMENT_ROOT is /www/vhost/www.qmailadminsite.tld
> GATEWAY_INTERFACE is CGI/1.1
> HTTP_ACCEPT is image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
> application/vnd.ms-powerpoint, application/vnd.ms-excel,
application/msword,
> application/x-shockwave-flash, */*
> HTTP_ACCEPT_ENCODING is gzip, deflate
> HTTP_ACCEPT_LANGUAGE is en-au
> HTTP_CACHE_CONTROL is max-age=259200
> HTTP_CONNECTION is keep-alive
> HTTP_COOKIE is AWSUSER_ID=awsuser_id1107818209949r6720
> HTTP_HOST is www.qmailadminsite.tld
> HTTP_USER_AGENT is Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET
> CLR 1.0.3705)
> HTTP_VIA is 1.1 squid.mylinuxrouter.tld:3128 (squid/2.5.STABLE4-20040111),
> 1.0 adl-pow-pr1.tpgi.com.au:3128 (squid/2.5.STABLE7)
> HTTP_X_FORWARDED_FOR is 192.168.0.10, 220.244.57.214
> PATH is /sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin
> QUERY_STRING is
> REMOTE_ADDR is
> REMOTE_PORT is 53116
> REQUEST_METHOD is GET
> REQUEST_URI is /cgi-bin/test.cgi
> SCRIPT_FILENAME is /www/cgi-bin/test.cgi
> SCRIPT_NAME is /cgi-bin/test.cgi
> SERVER_ADDR is
> SERVER_ADMIN is [EMAIL PROTECTED]
> SERVER_NAME is www.qmailadminsite.tld
> SERVER_PORT is 80
> SERVER_PROTOCOL is HTTP/1.0
> SERVER_SIGNATURE is Apache/1.3.33 Server at HREF="mailto:[EMAIL PROTECTED]">www.qmailadminsite.tld Port
> 80
>
> SERVER_SOFTWARE is Apache/1.3.33 (Unix) PHP/4.3.10 mod_ssl/2.8.22
> OpenSSL/0.9.7d
>
> --
--
>
>
> From this, I wonder if our recent change to round-robin of
> www.qmailadminsite.tld could have affected things? Considering that the
> check is IP address-based?
>
> Only thing is, I wouldn't expect that the IP address could change
> mid-session... I mean the M$ browser I'm using supposedly caches
successful
> DNS responses for 12 hours by default...
>
> Thanks again,
> David.
>
> > --
> > Tom Collins - [EMAIL PROTECTED]
> > QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
> > You don't need a laptop to troubleshoot high-speed Internet:
> > sniffter.com
> >
> >
> >
>
>
>
Well I don't know if all that info. from the CGI script has been helpful to
anyone, but I think my problem is solved now. I think I brought the problem
on by recently adding the domain my qmailadmin package is served under into
a round-robin type DNS configuration of two IP addresses. Even though M$
Internet Explorer caches a DNS query internally for some great long time (12
hours I heard) it seems that something else in my internet connection
chain - perhaps my Linux firewall - doesn't, and I'm guessing that's what
tripped the error :
> > The cryptic "File error 6" is a security thing to prevent someone from
> > hijacking your session. If your IP address changes during your
> > QmailAdmin session, it will bail with that error.
I can successfully perform all functions in qmailadmin since I removed my
qmailadmin domain from round-robin. So my solution will I think be to put it
on a sub-domain on a host which isn't part of the round-robin and whose IP
address won't change, and keep qmailadmin's IP security features.
Thanks for your help once again guys.
David.
