Repost: strange connections to apache2 port 443
![](https://seccdn.libravatar.org/avatar/501164d25ad76cbaa086838b3a78db0d.jpg?s=120&d=mm&r=g)
Hi, I´ve tried to describe my problem in different mailinlists around but found no good hint to fix it. So I would like to give it another try here ... I´m running a SuSE Linux 9.0 with Apache2 2.0.53 ( installed via rpm from ftp.suse.com ) with mod_ssl. The startup parameter for the apache is "-D SSL". But here comes my problem ... I´m also running an iptables firewall and I notice a strange behaviour on my system but only when I start apache with "-D SSL". When I run apache only with http there are no strange connection attempts in the firewall logs. To be more precise, my firewall logs show entries of connection attampts from my localhost to my localhost via interface lo ( not eth0 ) from some increacing port to port 443. Fact is that this connections only appear when I start the apache with "-D SSL" and I can also comment out all the virtual hosts for port 443 but that does not matter, only when I start the apache without SSL the connections disappear. The strange thing is that in the firewall logs there are syn, ack ... flags but I can not find any apache2-logfile entry for one of this connections. Does that sound familiar to somebody? Is there a configuration withtin the apache2 to probe the ssl aware apache? Kind regards Tom
![](https://seccdn.libravatar.org/avatar/7574aaee71d8971a36f4283a7cad6b2c.jpg?s=120&d=mm&r=g)
* Tom Henderson <2005slm@gmx.net> [08-25-05 06:53]:
I´m running a SuSE Linux 9.0 with Apache2 2.0.53 ( installed via rpm from ftp.suse.com ) with mod_ssl. The startup parameter for the apache is "-D SSL".
rpm -q apache2 apache2-2.0.54-5 Mod_ssl is no longer a separate package, but is now included in the Apache distribution. Mine starts with: /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
The strange thing is that in the firewall logs there are syn, ack ... flags but I can not find any apache2-logfile entry for one of this connections.
I also have none in /var/log/apache2/access_log but they do appear in /var/log/messages. -- Patrick Shanahan Registered Linux User #207535 http://wahoo.no-ip.org @ http://counter.li.org HOG # US1244711 Photo Album: http://wahoo.no-ip.org/gallery
participants (2)
-
Patrick Shanahan
-
Tom Henderson