Modify proxy headers

#1
Hi,

I am trying to make the switch from Cherokee to Openlitespeed (mainly because of missing websockets support in Cherokee) and so far I like the setup. I do encounter very erratic behaviour with reverse proxies though. I use a large amount of different services I need to proxy through the webserver, and the all behave different:

Guacamole (running in Tomcat, no websockets):
Worked out of the box in Cherokee, refuses to create the remote screen session.

Butterfly (websockets based terminal emulator):
No matter what settings I use, the websockets connection seems to terminate once I input a lot of text.

Anyterm (ajax based terminal emulator):
Worked out of the box in Cherokee, in OLS results in veeeery slow page loading, and a non functional script. The logs are mentioning issues with chunks not arriving within the time limit.

Now Cherokee has in it's web interface the ability to modify headers (in and out). That solved some issues for me in the past. Cherokee also had the ability to turn chunked-encoding on or off and to set keep-alive for proxy/backend connections. Is it possible to add this functionality to OLS as well?

I also encounter a lot of timeouts (408 errors) with several reverse-proxied services for which I cannot find a cause. Could this have to do with the version (1.4.3)?

I'm sorry for the lack of detailed info, but ATM I am not behind the server involved :).

Thanks!
 

lsmichael

Active Member
#2
Howdy Raldnor,

Thanks for reporting all this. I'll try to get all your questions answered, but, of course, it will be very useful to have your error logs when you get a chance. You can PM them to me if you don't want to post them.

Cheers,

Michale
 
#3
Hi Michael,

Thanks a lot for your quick answer! My log directory is full of error logs, here are some lines which occur very, very frequently in the log files:

Code:
2015-01-07 14:31:37.456 [NOTICE]  26066  44 SESS GET-FAILED TO FIND SSL SESSION <0x1cd9fa0>: ID [73AA9
D17E54B34D6F0D42138FA9FBD4DEC87] size 32 len 64   
2015-01-07 14:33:10.972 [NOTICE]  26067  30 SESS GET-FAILED TO FIND SSL SESSION <0x1cd9fa0>: ID [6163B
641C9A2F00745481D823AFA60A7373C] size 32 len 64   
2015-01-07 14:34:26.337 [NOTICE]  26068  36 SESS GET-FAILED TO FIND SSL SESSION <0x1cd9fa0>: ID [918D9
C6225CA64D39A54587906A763E14D8C] size 32 len 64   
2015-01-07 14:34:27.414 [NOTICE]  26066  46 SESS GET-FAILED TO FIND SSL SESSION <0x1cd9fa0>: ID [F3B54
5CC05F83BE72DF45D2EA2C4278E2178] size 32 len 64   
2015-01-07 14:36:21.792 [INFO] [89.xxx.xxx.xxx:23645] Connection idle time: 301 while in state: 5 watc
hing for event: 25,close!   
2015-01-07 14:36:21.792 [INFO] [89.xxx.xxx.xxx:23645] Content len: 0, Request line: .POST /Microsoft-S
erver-ActiveSync?Cmd=Ping&User=xxxxx&DeviceId=SEC177CA4Bxxxxxx&DeviceType=SAMSUNGGTI8200N HTTP/1.1   
2015-01-07 14:36:21.792 [INFO] [89.xxx.xxx.xxx:23645] HttpExtConnector state: 8, request body sent: 0,
 response body size: -2, response body sent:4, left in buffer: 0, attempts: 0.   
2015-01-07 14:36:21.792 [INFO] [89.xxx.xxx.xxx:23645] Proxy connection state: 2, watching event: 25, R
equest header:415, body:0, sent:0, Response header: 0, total: 0 bytes received in 301 seconds,Total pr
ocessing time: 301.   
2015-01-07 14:36:44.827 [NOTICE]  26066  50 SESS GET-FAILED TO FIND SSL SESSION <0x1cd9fa0>: ID [F4C2D
6DCA56AFF18C597B0D0B9AB52E0151E] size 32 len 64   
2015-01-07 14:36:44.831 [NOTICE]  26069  47 SESS GET-FAILED TO FIND SSL SESSION <0x1cd9fa0>: ID [F4C2D
6DCA56AFF18C597B0D0B9AB52E0151E] size 32 len 64
Do you know what causes the 'failed to find ssl session' errors?

Thanks!
 
#4
Errors like this also appear a lot in the log files (for all vhost templates and configs):
Code:
2015-01-07 15:10:49.695 [INFO] [PlainConf] [virtualHostTemplate:] Failed to RCS checkin conf file /opt/litespeed/conf/templates/ccl.conf0, ret 32512, error(Invalid argument). Org command is ci -l -q -t-"/opt/litespeed/conf/templates/ccl.conf0" -mUpdate "/opt/litespeed/conf/templates/ccl.conf0" >/dev/null 2>&1.

2015-01-07 15:10:49.686 [INFO] [PlainConf] [virtualHostConfig:] Failed to RCS checkin conf file /opt/litespeed/conf/vhosts/xxx.xxxxxxx.com/vhconf.conf0, ret 32512, error(Invalid argument). Org command is ci -l -q -t-"/opt/litespeed/conf/vhosts/xxx.xxxxxxxx.com/vhconf.conf0" -mUpdate "/opt/litespeed/conf/vhosts/xxx.xxxxxxxxx.com/vhconf.conf0" >/dev/null 2>&1.
 
#5
And some info about the guacamole disconnects (via websockets):

First a line to connect to a service in guacamole:
Code:
["xxx.xxxxxxxx.com"] 213.xxx.xxx.xxx - - [07/Jan/2015:16:07:02 +0100] "GET /guacamole/websocket-tunnel?id=c%2FWindows%207%2064-bit&width=1200&height=600&dpi=85&audio=audio%2Fogg&audio=audio%2Fmpeg&audio=audio%2Fwebm&audio=audio%2Fwav&video=video%2Fogg&video=video%2Fwebm HTTP/1.1" 101 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0" "xxx.xxxxxxxx.com"
The service then connects for a few seconds, and then a terminates (a popup from guacamole appears stating that something went wrong and I need to reconnect), followed by a bunch of the following lines in the access log:
Code:
xx.xxx.xxx.xxx - - [07/Jan/2015:16:07:10 +0100] "" 200 - "-" "-" "-"
xx.xxx.xxx.xxx - - [07/Jan/2015:16:07:10 +0100] "" 200 - "-" "-" "-"
... (more like this)
The ip address in the access log is the external server ip address.
 

lsmichael

Active Member
#6
Thanks for sending in the logs. I'll try to have the developers looking at them as soon as possible. We should be able to get back to you in a day or two.
 
Top