Apache proxy not working for a localhost port

Question

I have Apache 2.2.15 running on port 80 and want to proxy a servlet engine on localhost port 8983. I have the setup running on another server, but have moved to a CentOS 6 machine. It's not working on the new machine. My virtual host config:

ProxyRequests Off

<Proxy *>
   Order deny,allow
   Allow from all
</Proxy>

ProxyPass / http://localhost:8983/
ProxyPassReverse / http://localhost:8983/

I can access port 8983 if I use a browser and go directly to it (and don't go through the Apache proxy), but can't connect to it if I go to/through the Apache server.

I can change what's being proxied to something like http://slashdot.org and Slashdot gets successfully proxied (so I know it's able to proxy in general).

I turned debug logging on in Apache and this is the transaction:

[Sun Apr 22 16:47:04 2012] [debug] mod_proxy_http.c(56): proxy: HTTP: canonicalising URL //localhost:8983/
[Sun Apr 22 16:47:04 2012] [debug] proxy_util.c(1506): [client 184.39.79.7] proxy: http: found worker http://localhost:8983/ for http://localhost:8983/
[Sun Apr 22 16:47:04 2012] [debug] mod_proxy.c(998): Running scheme http handler (attempt 0)
[Sun Apr 22 16:47:04 2012] [debug] mod_proxy_http.c(1962): proxy: HTTP: serving URL http://localhost:8983/
[Sun Apr 22 16:47:04 2012] [debug] proxy_util.c(2011): proxy: HTTP: has acquired connection for (localhost)
[Sun Apr 22 16:47:04 2012] [debug] proxy_util.c(2067): proxy: connecting http://localhost:8983/ to localhost:8983
[Sun Apr 22 16:47:04 2012] [debug] proxy_util.c(2193): proxy: connected / to localhost:8983
[Sun Apr 22 16:47:04 2012] [debug] proxy_util.c(2444): proxy: HTTP: fam 10 socket created to connect to localhost
[Sun Apr 22 16:47:04 2012] [debug] proxy_util.c(2455): (13)Permission denied: proxy: HTTP: attempt to connect to [::1]:8983 (localhost) failed
[Sun Apr 22 16:47:04 2012] [debug] proxy_util.c(2444): proxy: HTTP: fam 2 socket created to connect to localhost
[Sun Apr 22 16:47:04 2012] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8983 (localhost) failed
[Sun Apr 22 16:47:04 2012] [error] ap_proxy_connect_backend disabling worker for (localhost)
[Sun Apr 22 16:47:04 2012] [debug] proxy_util.c(2029): proxy: HTTP: has released connection for (localhost)
[Sun Apr 22 16:47:04 2012] [debug] mod_proxy_http.c(56): proxy: HTTP: canonicalising URL //localhost:8983/favicon.ico
[Sun Apr 22 16:47:04 2012] [debug] proxy_util.c(1506): [client 184.39.79.7] proxy: http: found worker http://localhost:8983/ for http://localhost:8983/favicon.ico
[Sun Apr 22 16:47:04 2012] [debug] mod_proxy.c(998): Running scheme http handler (attempt 0)
[Sun Apr 22 16:47:04 2012] [debug] mod_proxy_http.c(1962): proxy: HTTP: serving URL http://localhost:8983/favicon.ico
[Sun Apr 22 16:47:04 2012] [debug] proxy_util.c(1949): proxy: HTTP: retrying the worker for (localhost)
[Sun Apr 22 16:47:04 2012] [error] proxy: HTTP: disabled connection for (localhost)

I don't know what fam 10 or fam 2 sockets are. Anyone have any ideas about why it's not proxying to my alternate port?

Thanks!

Answer 1

I solved my issue :

If I do: sestatus -b | grep httpd

I can see httpd_can_network_connect is off

The solution is to type: togglesebool httpd_can_network_connect

Answer 2

Here is the solution for your problem:

To turn on this boolean you simple have to use this line (root permissions)

setsebool -P httpd_can_network_connect on

or

sudo setsebool -P httpd_can_network_connect on

Hope that helps. Reference see here: https://wiki.centos.org/TipsAndTricks/SelinuxBooleans

Answer 3

Make sure that port 8080 is listening by running the following command

netstat -tlpn

If not, than restart the jenkins server

sudo /etc/init.d/jenkins start

It should work now. Hope it helps