近藤と申します。 以前から DeleGate により SSL リーバスプロクシを行っている 者です。 今回、社内の Windows SharePoint Service (IIS) も外から見た いとの要望があり、設定を追加しましたが、認証後に切断されてし まいます。 設定は、以前から使用しているものに MOUNT 先を追加したもの で、他 (Linux apach 系サーバ) は問題なく認証もできています。 DeleGate のバージョンも最新 9.9.7 にしてみましたが、現象は かわりません。 ログを見ても「切断を検出した」の様にしか読めません。 なにか、アドバイスいただけないでしょうか 宜しくお願いいたします。 ■立ち上げ時のパラメータ -P443 SERVER=https STLS=fcl MOUNT="/repos/* http://192.168.11.40/repos/* nvserv=svn.aaa.kaisya.co.jp" MOUNT="/server/* http://192.168.10.25/*" : RELAY=no RELIABLE='*' REACHABLE="*.kaisya.co.jp" LOGFILE=/var/log/delegate/ssl.log PROTOLOG='' ■/var/log/delegate/ssl.log 04/09 11:11:34.88 [17590] 1+0: -- Fork(SequentialServer): 17573 -> 17590 04/09 11:11:34.88 [17590] 1+1: (0) accepted [28] -@[111.111.111.111]gw2.kaisya.co.jp:54828 (0.003s)(1) 04/09 11:11:34.88 [17590] 1+1: PATH: https://-:443!gw2.kaisya.co.jp:443!gw2.kaisya.co.jp:54828!anonymous@gw2.kaisya.co.jp;1270779094 04/09 11:11:34.88 [17590] 1+1: # SSL record head[16 3 1 0 41] SSL3 8?/70 04/09 11:11:34.88 [17590] 1+1: gethostbyname(-) unknown[0.00s] 04/09 11:11:34.88 [17590] 1+1: --MOUNT=0[] [111.111.111.111][-][] => [] 04/09 11:11:34.88 [17590] 1+1: ## SSLway B7F7BB90 loadSession 0.000032 (0 0) / -1 04/09 11:11:34.88 [17590] 1+1: ## SSLway ## 0.003836 sescache[0] HIT=0 sR=0 cR=1 04/09 11:11:34.88 [17590] 1+1: --pushPFilter (starttls/https) tid=BB90 [26][28] 0 BFEFE754 04/09 11:11:34.88 [17590] 1+1: ## STLS ## IMPLICIT SSL ON 28,28,-1,25 04/09 11:11:34.88 [17590] 1+1: OK: SSL/cl 0.00 0.00/6.00 0.00 0.01 = 0.01 04/09 11:11:34.88 [17590] 1+1: 0.005 CFI_SYNC ready=2 [57/W] 04/09 11:11:34.88 [17590] 1+1: 0.005 CFI_SYNC ready=1 [A] 04/09 11:11:34.97 [17590] 1+1: ## SSLway FCL S-C:0/0 C-S:0/0 CS-EOS 04/09 11:11:34.97 [17590] 1+1: ## left connected but dead [30] <= sslway_dl.c:2912 04/09 11:11:34.97 [17590] 1+1: HTTP empty_request ? from gw2.kaisya.co.jp (1) 04/09 11:11:34.97 [17590] 1+1: disconnected [28] -@[111.111.111.111]gw2.kaisya.co.jp:54828 (0.094s)(0) 04/09 11:11:34.97 [17590] 1+1: CFI-wait 1/1 A0/1 as=0 xpid=-1,-1 0.00 04/09 11:11:34.97 [17590] 1+1: StickyServer done [nonStickyProtocol(https:https:https)] 1 req / 1+0/1 conn / 0 sec 04/09 11:11:34.97 [17590] 1+1: #Sig/CSC finish 300 249 P2 R0 E0 {3 r0 t0} 0/0/1 04/09 11:11:38.04 [17592] 2+0: -- Fork(SequentialServer): 17573 -> 17592 04/09 11:11:38.05 [17592] 2+1: (0) accepted [33] -@[111.111.111.111]gw2.kaisya.co.jp:47754 (0.003s)(1) 04/09 11:11:38.05 [17592] 2+1: PATH: https://-:443!gw2.kaisya.co.jp:443!gw2.kaisya.co.jp:47754!anonymous@gw2.kaisya.co.jp;1270779098 04/09 11:11:38.05 [17592] 2+1: # SSL record head[16 3 1 0 61] SSL3 8?/102 04/09 11:11:38.05 [17592] 2+1: gethostbyname(-) unknown[0.00s] 04/09 11:11:38.05 [17592] 2+1: --MOUNT=0[] [111.111.111.111][-][] => [] 04/09 11:11:38.05 [17592] 2+1: ## SSLway B7F7BB90 loadSession 0.000143 (0 1) / 1 04/09 11:11:38.05 [17592] 2+1: ## SSLway ## 0.001231 sescache[1] HIT=1 sR=0 cR=1 04/09 11:11:38.05 [17592] 2+1: --pushPFilter (starttls/https) tid=BB90 [26][33] 0 BFEFE754 04/09 11:11:38.05 [17592] 2+1: ## STLS ## IMPLICIT SSL ON 33,33,-1,25 04/09 11:11:38.05 [17592] 2+1: OK: SSL/cl 0.00 0.00/6.00 0.00 0.00 = 0.01 04/09 11:11:38.05 [17592] 2+1: 0.003 CFI_SYNC ready=2 [57/W] 04/09 11:11:38.05 [17592] 2+1: 0.003 CFI_SYNC ready=1 [A] 04/09 11:11:38.05 [17592] 2+1: ## SSLway FCL S-C:0/0 C-S:0/0 CS-EOS 04/09 11:11:38.05 [17592] 2+1: ## left connected but dead [29] <= sslway_dl.c:2912 04/09 11:11:38.05 [17592] 2+1: ## left connected but dead [33] <= stls.c:1317 04/09 11:11:38.05 [17592] 2+1: ## left connected but dead [33] <= stls.c:1322 04/09 11:11:38.05 [17592] 2+1: ERROR: SSL/cl disconnected: 1 A 0[33] 04/09 11:11:38.05 [17592] 2+1: disconnected [33] -@[111.111.111.111]gw2.kaisya.co.jp:47754 (0.006s)(0) 04/09 11:11:38.05 [17594] 3+0: -- Fork(SequentialServer): 17573 -> 17594 04/09 11:11:38.05 [17594] 3+1: (1) accepted [32] -@[111.111.111.111]gw2.kaisya.co.jp:59032 (0.002s)(1) 04/09 11:11:38.05 [17594] 3+1: PATH: https://-:443!gw2.kaisya.co.jp:443!gw2.kaisya.co.jp:59032!anonymous@gw2.kaisya.co.jp;1270779098 04/09 11:11:38.05 [17594] 3+1: # SSL record head[16 3 1 0 61] SSL3 8?/102 04/09 11:11:38.05 [17594] 3+1: gethostbyname(-) unknown[0.00s] 04/09 11:11:38.05 [17592] 2+1: CFI-wait 1/1 A0/1 as=0 xpid=-1,-1 0.00 04/09 11:11:38.05 [17592] 2+1: StickyServer done [nonStickyProtocol(https:https:https)] 1 req / 1+0/2 conn / 0 sec 04/09 11:11:38.05 [17592] 2+1: #Sig/CSC finish 293 220 P2 R0 E0 {3 r0 t0} 0/0/1 04/09 11:11:38.05 [17594] 3+1: --MOUNT=0[] [111.111.111.111][-][] => [] 04/09 11:11:38.05 [17594] 3+1: ## SSLway B7F7BB90 loadSession 0.000127 (0 1) / 1 04/09 11:11:38.05 [17594] 3+1: ## SSLway ## 0.001103 sescache[1] HIT=1 sR=0 cR=1 04/09 11:11:38.05 [17594] 3+1: --pushPFilter (starttls/https) tid=BB90 [26][32] 0 BFEFE754 04/09 11:11:38.05 [17594] 3+1: ## STLS ## IMPLICIT SSL ON 32,32,-1,25 04/09 11:11:38.05 [17594] 3+1: OK: SSL/cl 0.00 0.00/6.00 0.00 0.00 = 0.01 04/09 11:11:38.05 [17594] 3+1: 0.003 CFI_SYNC ready=2 [57/W] 04/09 11:11:38.05 [17594] 3+1: 0.003 CFI_SYNC ready=1 [A] 04/09 11:11:38.06 [17594] 3+1: Proxy: host=gw2.kaisya.co.jp; User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729); DIRECT 04/09 11:11:38.06 [17594] 3+1: HCKA:[0] Keep-Alive; host=gw2.kaisya.co.jp; (User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)) 04/09 11:11:38.06 [17594] 3+1: REQUEST - GET /server/sites/XXXXX/ HTTP/1.1^M 04/09 11:11:38.06 [17594] 3+1: *** /server/sites/XXXXX/ => http://192.168.10.25/sites/XXXXX/ *** 04/09 11:11:38.06 [17594] 3+1: REQUEST +M http://192.168.10.25/sites/XXXXX/ HTTP/1.1^M 04/09 11:11:38.06 [17594] 3+1: *** /server/sites/XXXXX/ => http://192.168.10.25/sites/XXXXX/ *** 04/09 11:11:38.06 [17594] 3+1: PATH> http://192.168.10.25:80!gw2.kaisya.co.jp:443!gw2.kaisya.co.jp:59032!anonymous@gw2.kaisya.co.jp;1270779098 04/09 11:11:38.06 [17594] 3+1: REQUEST = [http://192.168.10.25:80/] GET /sites/XXXXX/ HTTP/1.1^M 04/09 11:11:38.06 [17594] 3+1: CACHE hostname: 192.168.10.25 -> server.aaa.kaisya.co.jp 04/09 11:11:38.06 [17594] 3+1: [0.00,-1][HTTP cache-NONE] /var/delegate/cache/http/server.aaa.kaisya.co.jp/sites/XXXXX/= 04/09 11:11:38.06 [17594] 3+1: [0.00,-1][HTTP cache-NONE] /var/delegate/cache/http/server.aaa.kaisya.co.jp/sites/XXXXX/= 04/09 11:11:38.06 [17594] 3+1: XHost: (0,0,1) 192.168.10.25 <= gw2.kaisya.co.jp 04/09 11:11:38.06 [17594] 3+1: ConnectToServer connected [23] {192.168.10.25:80 <- 192.168.0.250:55826} [0.001s] 04/09 11:11:38.06 [17594] 3+1: willSTLS_SV[http]: ServerFlags=8000 BFEFE754 04/09 11:11:38.06 [17594] 3+1: HTTP => (192.168.10.25:80) GET /sites/XXXXX/ HTTP/1.1^M 04/09 11:11:38.06 [17594] 3+1: HTTP error request: GET /sites/XXXXX/ HTTP/1.1^M 04/09 11:11:38.06 [17594] 3+1: HTTP error status: 401 Unauthorized 04/09 11:11:38.06 [17594] 3+1: HTTP error header: Server: Microsoft-IIS/7.0^M 04/09 11:11:38.06 [17594] 3+1: HTTP error header: WWW-Authenticate: NTLM^M 04/09 11:11:38.06 [17594] 3+1: HTTP error header: X-Powered-By: ASP.NET^M 04/09 11:11:38.06 [17594] 3+1: HTTP error header: MicrosoftSharePointTeamServices: 12.0.0.6421^M 04/09 11:11:38.06 [17594] 3+1: HTTP error header: Date: Fri, 09 Apr 2010 02:11:36 GMT^M 04/09 11:11:38.06 [17594] 3+1: HTTP error header: Content-Length: 0^M 04/09 11:11:38.06 [17594] 3+1: Guessed Content-Type:text/html http://192.168.10.25:80/sites/XXXXX/ 04/09 11:11:38.06 [17594] 3+1: HTTP error header: Content-Type: text/html^M 04/09 11:11:38.06 [17594] 3+1: #HT11 SERVER ver[HTTP/1.1] conn[] 04/09 11:11:38.06 [17594] 3+1: HTTP error header: ^M 04/09 11:11:38.06 [17594] 3+1: HTTP/1.1 401 Content-{Type:text/html Encoding:[/] Leng:0} KA:1/1 Server:Microsoft-IIS/7.0 04/09 11:11:38.06 [17594] 3+1: putMIMEmsg: Content-Length: 0 -> 0 (226 - 226) [] (UNIX) 11:11:38.063 [17594] closed-4[32 -1][23 23 23 -1 -1/32 32 32]relayResp http.c:6646 04/09 11:11:38.06 [17594] 3+1: HTTP transmitted: 205head+0/0body=>0txt+0bin->0/0, 6i/0o/0f/0.0 ----- 04/09 11:11:38.06 [17594] 3+1: rcode=-10005 unlink /var/delegate/cache/http/server.aaa.kaisya.co.jp/sites/XXXXX/=#LOADING (205) 04/09 11:11:38.06 [17594] 3+1: ## SSLway FCL S-C:284/1 C-S:475/1 SC-EOS 04/09 11:11:38.06 [17594] 3+1: #HT11 1 putServ(25/26/23) 192.168.10.25:80 04/09 11:11:38.06 [17594] 3+1: CACHE hostname: 192.168.10.25 -> server.aaa.kaisya.co.jp 04/09 11:11:38.07 [17594] 3+1: HCKA:[0] closed -- s:bad status: -401 04/09 11:11:38.07 [17594] 3+1: ## tcCLOSED fc=32 FromC=-1 ToC=-1 CS=-1 11:11:38[17594][17594]18E0 0/1/0/1 ##Xfflush(-1) suppressed <= _-fcloseFILE2.c:10 04/09 11:11:38.07 [17594] 3+1: disconnected [32] -@[111.111.111.111]gw2.kaisya.co.jp:59032 (0.016s)(0) 04/09 11:11:38.08 [17594] 3+1: --- thread_wait(B7F7BB90,300) EXIT 0.014 04/09 11:11:38.08 [17594] 3+1: CFI-wait 1/1 A0/1 as=1 xpid=-1,-1 0.00 04/09 11:11:53.27 [17573] 3+0: AcceptByMain: locked out*1/0 by Sticky*1 2/2 04/09 11:11:53.27 [17594] 3+2: (1) accepted [15] -@[111.111.111.111]gw2.kaisya.co.jp:54082 (0.000s)(1) 04/09 11:11:53.27 [17594] 3+2: PATH: https://-:443!gw2.kaisya.co.jp:443!gw2.kaisya.co.jp:54082!anonymous@gw2.kaisya.co.jp;1270779113 04/09 11:11:53.27 [17594] 3+2: # SSL record head[16 3 1 0 61] SSL3 8?/102 04/09 11:11:53.27 [17594] 3+2: --MOUNT=0[] [111.111.111.111][-][] => [] 04/09 11:11:53.27 [17594] 3+2: ## SSLway B7F7BB90 loadSession 0.000058 (0 1) / 1 04/09 11:11:53.27 [17594] 3+2: ## SSLway ## 0.000809 sescache[1] HIT=2 sR=0 cR=1 04/09 11:11:53.27 [17594] 3+2: --pushPFilter (starttls/https) tid=BB90 [30][15] 0 BFEFE754 04/09 11:11:53.27 [17594] 3+2: ## STLS ## IMPLICIT SSL ON 15,15,-1,29 04/09 11:11:53.27 [17594] 3+2: OK: SSL/cl 0.00 0.00/6.00 0.00 0.00 = 0.00 04/09 11:11:53.27 [17594] 3+2: 0.002 CFI_SYNC ready=2 [57/W] 04/09 11:11:53.27 [17594] 3+2: 0.002 CFI_SYNC ready=1 [A] 04/09 11:11:53.27 [17594] 3+2: Proxy: host=gw2.kaisya.co.jp; User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729); DIRECT 04/09 11:11:53.27 [17594] 3+2: HCKA:[0] Keep-Alive; host=gw2.kaisya.co.jp; (User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)) 04/09 11:11:53.27 [17594] 3+2: REQUEST - GET /server/sites/XXXXX/ HTTP/1.1^M 04/09 11:11:53.27 [17594] 3+2: *** /server/sites/XXXXX/ => http://192.168.10.25/sites/XXXXX/ *** 04/09 11:11:53.27 [17594] 3+2: REQUEST +M http://192.168.10.25/sites/XXXXX/ HTTP/1.1^M 04/09 11:11:53.27 [17594] 3+2: *** /server/sites/XXXXX/ => http://192.168.10.25/sites/XXXXX/ *** 04/09 11:11:53.27 [17594] 3+2: PATH> http://192.168.10.25:80!gw2.kaisya.co.jp:443!gw2.kaisya.co.jp:54082!anonymous@gw2.kaisya.co.jp;1270779113 04/09 11:11:53.27 [17594] 3+2: REQUEST = [http://192.168.10.25:80/] GET /sites/XXXXX/ HTTP/1.1^M 04/09 11:11:53.27 [17594] 3+2: Authorization: Dont-Read/Write-Cache ON 04/09 11:11:53.27 [17594] 3+2: CACHE hostname: 192.168.10.25 -> server.aaa.kaisya.co.jp 04/09 11:11:53.27 [17594] 3+2: XHost: (0,0,1) 192.168.10.25 <= gw2.kaisya.co.jp 04/09 11:11:53.28 [17594] 3+2/0/1: #HT11 1 getServ 15.2s(15.2s)*1 SERVER REUSE (25/26/-1) [192.168.10.25:80] 192.168.10.25 [8000 8000 8000] 04/09 11:11:53.28 [17594] 3+2/0/1: ## ignore empty Authorization [] 04/09 11:11:53.28 [17594] 3+2/0/1: HTTP error request: GET /sites/XXXXX/ HTTP/1.1^M 04/09 11:11:53.28 [17594] 3+2/0/1: HTTP error status: 401 Unauthorized 04/09 11:11:53.28 [17594] 3+2/0/1: HTTP error header: Content-Type: text/html; charset=us-ascii^M 04/09 11:11:53.28 [17594] 3+2/0/1: HTTP error header: Server: Microsoft-HTTPAPI/2.0^M 04/09 11:11:53.28 [17594] 3+2/0/1: HTTP error header: WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADgAAAAFgomi3Vr5R4FP3XQAAAAAAAAAAMwAzABAAAAABgByFwAAAA9TAEQARgBLAAIACABTAEQARgBLAAEAEABTADAAMgA1AFQAMgAxADAABAAqAGYAdQBrAGEAZwBhAHcAYQAuAHMAZAAtAG4AZQB0AC4AYwBvAC4AagBwAAMAPABzADAAMgA1AHQAMgAxADAALgBmAHUAawBhAGcAYQB3AGEALgBzAGQALQBuAGUAdAAuAGMAbwAuAGoAcAAFACoAZgB1AGsAYQBnAGEAdwBhAC4AcwBkAC0AbgBlAHQALgBjAG8ALgBqAHAABwAIANGd7gSK18oBAAAAAA==^M 04/09 11:11:53.28 [17594] 3+2/0/1: HTTP error header: Date: Fri, 09 Apr 2010 02:11:52 GMT^M 04/09 11:11:53.28 [17594] 3+2/0/1: HTTP error header: Content-Length: 341^M 04/09 11:11:53.28 [17594] 3+2/0/1: #HT11 SERVER ver[HTTP/1.1] conn[] 04/09 11:11:53.28 [17594] 3+2/0/1: HTTP error header: ^M 04/09 11:11:53.28 [17594] 3+2/0/1: HTTP/1.1 401 Content-{Type:text/html Encoding:[/] Leng:341} KA:1/1 Server:Microsoft-HTTPAPI/2.0 04/09 11:11:53.28 [17594] 3+2/0/1: ####Gzip [0.000278] - 341 => 275 [29=>30] 04/09 11:11:53.28 [17594] 3+2/0/1: putMIMEmsg: Content-Length: 341 -> 275 (878 - 603) [gzip] 04/09 11:11:53.28 [17594] 3+2/0/1: #CEcl put Content-Encoding:gzip (UNIX) 11:11:53.280 [17594] closed-4[15 -1][25 26 -1 -1 -1/15 15 15]relayResp http.c:6646 04/09 11:11:53.28 [17594] 3+2/0/1: HTTP transmitted: 546head+341/341body=>0txt+0bin->275/275, 7i/2o/0f/0.0 ---z- 04/09 11:11:53.28 [17594] 3+2/0/1: ## SSLway FCL S-C:947/1 C-S:553/1 SC-EOS 04/09 11:11:53.28 [17594] 3+2/0/1: #HT11 2 putServ(23/27/-1) 192.168.10.25:80 04/09 11:11:53.28 [17594] 3+2/0/1: HCKA:[0] closed -- s:bad status: -401 04/09 11:11:53.28 [17594] 3+2/0/1: ## tcCLOSED fc=15 FromC=-1 ToC=-1 CS=-1 11:11:53[17594][17594]18E0 0/1/1/2 ##Xfflush(-1) suppressed <= _-fcloseFILE2.c:10 04/09 11:11:53.28 [17594] 3+2/0/1: disconnected [15] -@[111.111.111.111]gw2.kaisya.co.jp:54082 (0.010s)(0) 04/09 11:11:53.29 [17594] 3+2/0/1: --- thread_wait(B7F7BB90,300) EXIT 0.013 04/09 11:11:53.29 [17594] 3+2/0/1: CFI-wait 2/2 A0/2 as=2 xpid=-1,-1 0.00 04/09 11:12:23.29 [17594] 3+2/0/1: StickyServer done [timeout] 2 req / 2+0/3 conn / 45 sec 04/09 11:12:23.31 [17594] 3+2/0/1: clearServ: 192.168.10.25:80 [-1][0/0] 04/09 11:12:23.31 [17594] 3+2/0/1: #Sig/CSC finish 1302 1330 P2 R0 E0 {13 r0 t0} 0/0/2 以上
V