SOLVED 'Internal Server Error' after installing new firewall

[bluemike]

I installed a new firewall today, being careful to copy the port config and IP mapping from the old one. When I attempted to access webmail after the install I got this in the browser:

Code: Select all

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, root@localhost and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.
Apache/2.0.54 (Fedora) Server at 127.0.0.1 Port 80

I get the same when trying to get to SAC. I tried using omshut and omrc to restart Scalix, and I also tried a full reboot of the system. The thing is, I'm not really sure where to start looking, as the error isn't very specific. Here are some of the logs on the server:

recent entries from mod_jk.log:

Code: Select all

[Sat May 20 15:21:06 2006] [error] ajp_validate::jk_ajp_common.c (1815): can't resolve tomcat address localhost
[Sat May 20 15:21:06 2006] [error] ajp_validate::jk_ajp_common.c (1818): invalid host and port localhost 8009
[Sat May 20 15:21:06 2006] [error] wc_create_worker::jk_worker.c (158): validate failed for worker1
[Sat May 20 15:21:06 2006] [error] build_worker_map::jk_worker.c (256): failed to create worker worker1
[Sat May 20 15:21:09 2006] [error] ajp_validate::jk_ajp_common.c (1815): can't resolve tomcat address localhost
[Sat May 20 15:21:09 2006] [error] ajp_validate::jk_ajp_common.c (1818): invalid host and port localhost 8009
[Sat May 20 15:21:09 2006] [error] wc_create_worker::jk_worker.c (158): validate failed for worker1
[Sat May 20 15:21:09 2006] [error] build_worker_map::jk_worker.c (256): failed to create worker worker1
[Sat May 20 15:22:03 2006] [info]  jk_handler::mod_jk.c (1979): Could not find a worker for worker name=worker1
[Sat May 20 15:23:29 2006] [info]  jk_handler::mod_jk.c (1979): Could not find a worker for worker name=worker1

And here is some stuff from error_log:

Code: Select all

[Sat May 20 08:39:12 2006] [error] [client 192.168.111.15] File does not exist: /var/www/html/favicon.ico
[Sat May 20 08:39:12 2006] [error] [client 192.168.111.15] File does not exist: /var/www/html/favicon.ico
[Sat May 20 08:52:37 2006] [error] [client 72.250.8.116] Directory index forbidden by rule: /var/www/html/
[Sat May 20 08:52:48 2006] [error] [client 72.250.8.116] File does not exist: /var/www/html/favicon.ico
[Sat May 20 09:17:55 2006] [notice] caught SIGTERM, shutting down
[Sat May 20 15:21:06 2006] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sat May 20 15:21:06 2006] [notice] Digest: generating secret for digest authentication ...
[Sat May 20 15:21:06 2006] [notice] Digest: done
[Sat May 20 15:21:06 2006] [notice] LDAP: Built with OpenLDAP LDAP SDK
[Sat May 20 15:21:06 2006] [notice] LDAP: SSL support unavailable
[Sat May 20 15:21:09 2006] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Sat May 20 15:21:09 2006] [notice] Apache/2.0.54 (Fedora) configured -- resuming normal operations
[Sat May 20 15:22:16 2006] [error] [client 208.54.19.6] Directory index forbidden by rule: /var/www/html/
[Sat May 20 15:23:24 2006] [error] [client 127.0.0.1] Directory index forbidden by rule: /var/www/html/
[Sat May 20 15:23:25 2006] [error] [client 127.0.0.1] File does not exist: /var/www/html/favicon.ico
[Sat May 20 15:23:29 2006] [error] [client 127.0.0.1] File does not exist: /var/www/html/favicon.ico

Any ideas? I am going to double check my firewall configuration again too....

Thanks!

[ScalixSupport]

Code: Select all

[Sat May 20 15:21:06 2006] [error] ajp_validate::jk_ajp_common.c (1815): can't resolve tomcat address localhost

This is the key. You need to check /etc/hosts and DNS.

Cheers

Dave

[bluemike]

Well, the etc/host file was untouched. I have set the FW to allow DNS to/from everything. I an connect to FC testpage by hostname from the internal network, so I know the basic DNS setting are right. Again, nothing was changed except the FW, but wtih all DNS traffic allowed....it's like it's not there anyway.

I will keep looking.....

[bluemike]

One more thing I noticed. I will also get a 500 error when attempting to connect via localhost on the server itself. Would that indicate something other than a DNS problem?

[ScalixSupport]

Are you able to resolve localhost from the command line ?

Cheers

Dave

[bluemike]

Oddly, no I can't. I can ping 127.0.0.1, but I cannot ping localhost

So I checked my etc/host file again. The localhost entry was gone! What the heck!? It was there an hour ago....
So I entered it again, restarted teh network services, and kazaam! I could ping localhost.
However I immeadiatly tried accessing SAC and still got the 500 error....

[ScalixSupport]

You're going to need to restart scalix-tomcat and httpd.

Cheers

Dave

[bluemike]

Okay I did that, and was able to get past that 500 error. Thanks!

However, now I am getting different errors. In SWA I get:

Code: Select all

Cannot connect to the mail server at [my mail server]!
The mail server on [my mail server] appears to be down.

It's a pop-up message.

In SAC I get:

Code: Select all

Could not login
The administration server is not responding.
You should check the server log files.

I checked the fatal log, but nothing new had been added for over an hour.
I am going to try a full Scalix restart again........

[bluemike]

Okay, that seemed to allow access.... good times :)

Now I see I have several message stuck in the service router queue. I tried omresub -q rtr but it says there are no messages in the queue.... is that the right name?

[Valerion]

Messages in the ROUTER queue are awaiting processing. Check to see if the Service Router is running (omstat -s), and the Scalix logs as well, with omshowlog.