View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0001072||Main CAcert Website||my account||public||2012-06-09 20:40||2013-01-15 18:19|
|Fixed in Version||2012 Q2|
|Summary||0001072: CATS results don't get imported due to IP address change|
|Description||Due to a change in the routing on TUNIX the source IP address of the CATS server changed.|
|Tags||No tags attached.|
|Reviewed by||dastrath, Ted, NEOatNHNG|
||Fix is available. Can not be tested on the test server because there the CATS local CATS server of course has a different IP address.|
Dirk reviewed the fix with the following comments:
cats.cacert.org resolves correctly to the new (changed) ip-adress 188.8.131.52 ...
the 172.16.2.27 is unknown to me, but i was able to find it in the wiki ...
maybe wytze or mendel can confirm these ip-adresses for cats.cacert.org when applying this patch ...
||Relevant file is /www/cats/cats_import.php|
According to the error message the server sees the source IP 184.108.40.206, so this one should be implemented correctly.
I don't know about 172.16.2.27, according to ifconfig the CATS server uses 10.0.0.27 behind the firewall.
IIRC (yes, such things should be worth a comment, but obviously I made none) the second IP address was introduced to allow a clean transfer of the CATS server to another machine. The old second address of 220.127.116.11 seems to be from the same subnet as test1.cacert.at, which was the initial server for development...
So probably the second address is currently obsolete and might be set to the same address as the first one, but an internal address should not do much harm also.
Reviewed the changes, they are acceptable.
||Mail sent to critical admins.|
Fix installes by Mendel on main webserver.
According to logfiles result upload did succeed at Sun Jun 10 09:15:02 2012
To clarify the confusion about internal IP 10.0.0.27 and 172.16.2.27:
There are currently actually two firewalls in front of the cats server (and all other CAcert infrastructure servers), both performing NAT
* The first (external) firewall maps between external IP 18.104.22.168 and internal IP 172.16.2.27.
* The second firewall (on infra01) maps between 172.16.2.22 and 10.0.0.27. The latter address is the one seen by the cats software itself.
|2012-06-09 20:40||NEOatNHNG||New Issue|
|2012-06-09 20:40||NEOatNHNG||Assigned To||=> NEOatNHNG|
|2012-06-09 21:33||NEOatNHNG||Note Added: 0003059|
|2012-06-09 21:34||NEOatNHNG||Note Added: 0003060|
|2012-06-09 21:34||Ted||Note Added: 0003061|
|2012-06-09 21:50||Ted||Reviewed by||=> Ted|
|2012-06-09 21:50||Ted||Note Added: 0003062|
|2012-06-09 21:51||Ted||Note Edited: 0003062||View Revisions|
|2012-06-09 21:55||NEOatNHNG||Source_changeset_attached||=> cacert-devel testserver b916b8fd|
|2012-06-09 21:55||NEOatNHNG||Source_changeset_attached||=> cacert-devel testserver 042c5b32|
|2012-06-09 22:10||NEOatNHNG||Reviewed by||Ted => Ted, NEOatNHNG|
|2012-06-09 22:10||NEOatNHNG||Status||new => needs review & testing|
|2012-06-09 22:33||NEOatNHNG||Reviewed by||Ted, NEOatNHNG => dastrath, Ted, NEOatNHNG|
|2012-06-09 22:33||NEOatNHNG||Note Added: 0003063|
|2012-06-09 22:33||NEOatNHNG||Status||needs review & testing => ready to deploy|
|2012-06-10 11:18||Ted||Note Added: 0003064|
|2012-06-10 11:18||Ted||Status||ready to deploy => closed|
|2012-06-10 11:18||Ted||Resolution||open => fixed|
|2012-06-11 09:18||wytze||Note Added: 0003066|
|2012-12-12 01:10||NEOatNHNG||Source_changeset_attached||=> cacert-devel testserver 8bd80350|
|2012-12-27 17:07||Werner Dworak||Relationship added||related to 0001107|
|2013-01-15 18:19||Werner Dworak||Fixed in Version||=> 2012 Q2|