Channel: Sophos User Bulletin Board

[9.000] Application Firewall - accept_encoding

Hi

I have big problems publishing the icinga-web monitoring software via the Application Firewall, and I found the problem.

The Application Firewall doesn't pass the accept_encoding header through to the web server, so everyone has to change the code if this header is required.

Original Icinga Config file:
SquishLoader.xml
Code:

<?xml version="1.0" encoding="UTF-8"?>
<ae:configurations
    xmlns="http://agavi.org/agavi/config/parts/validators/1.0"
    xmlns:ae="http://agavi.org/agavi/config/global/envelope/1.0"
    parent="%core.module_dir%/AppKit/config/validators.xml"
>
    <ae:configuration>
        <validators>
            <validator class="string" name="IfNoneMatch" source="headers" required="false">
                <argument>IF_NONE_MATCH</argument>
            </validator>

            <validator class="string" name="accept_encoding" source="headers" required="true">
                <argument>ACCEPT_ENCODING</argument>

                <errors>
                    <error>Could not validate HTTP_REFERER</error>
                </errors>
            </validator>
        </validators>
    </ae:configuration>
</ae:configurations>

Changed, working one:

Code:

<?xml version="1.0" encoding="UTF-8"?>
<ae:configurations
    xmlns="http://agavi.org/agavi/config/parts/validators/1.0"
    xmlns:ae="http://agavi.org/agavi/config/global/envelope/1.0"
    parent="%core.module_dir%/AppKit/config/validators.xml"
>
    <ae:configuration>
        <validators>
            <validator class="string" name="IfNoneMatch" source="headers" required="false">
                <argument>IF_NONE_MATCH</argument>
            </validator>

            <validator class="string" name="accept_encoding" source="headers" required="false">
                <argument>ACCEPT_ENCODING</argument>

                <errors>
                    <error>Could not validate HTTP_REFERER</error>
                </errors>
            </validator>
        </validators>
    </ae:configuration>
</ae:configurations>

Please pass this kind of HTTP header through to the server behind the Astaro.

This can be a problem with OWA over HTTPS too.

Here is a debug log:

Without Astaro:
Code:

HTTP Request        GET / HTTP/1.1
Host        ***.***.xx
Connection        keep-alive
Cache-Control        max-age=0
User-Agent        Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.57 Safari/536.11
Accept        text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding        gzip,deflate,sdch
Accept-Language        de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4
Accept-Charset        ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie ys-Zenoss.ui.EvConsole.detail_panel=o%3Acollapsed%3Db%253A1; ys-processNavGridState=o%3Acolumns%3Da%253Ao%25253Aid%25253Ds%2525253Aname%25255Ewidth%25253Dn%2525253A131%255Eo%25253Aid%25253Ds%2525253Acount%25255Ewidth%25253Dn%2525253A100%5Esort%3Do%253Afield%253Ds%25253Aname%255Edirection%253Ds%25253AASC%5Efilters%3Do%253AdisplayFilters%253Db%25253A1%255Eoptions%253Do%25253A; ys-servicesNavGridState=o%3Acolumns%3Da%253Ao%25253Aid%25253Ds%2525253Aname%25255Ewidth%25253Dn%2525253A181%255Eo%25253Aid%25253Ds%2525253Acount%25255Ewidth%25253Dn%2525253A50%5Esort%3Do%253Afield%253Ds%25253Aname%255Edirection%253Ds%25253AASC%5Efilters%3Do%253AdisplayFilters%253Db%25253A1%255Eoptions%253Do%25253A
HTTP Response Headers
X-Powered-By        PHP/5.3.3-7+squeeze13
Vary        Accept-Encoding
Content-Encoding        gzip

With Astaro Application Firewall:
Code:

GET / HTTP/1.1 
Host  xx.xx.xx.xx 
Accept  image/gif, image/jpeg, image/pjpeg, image/pjpeg, application/xaml+xml, application/vnd.ms-xpsdocument, application/x-ms-xbap, application/x-ms-application, */* 
Accept-Language  de-at 
User-Agent  Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; FDM; .NET4.0C; .NET4.0E) 
X-Forwarded-For  xx.xx.xx.xx 
X-Forwarded-Host  monitoring.xx.*** 
X-Forwarded-Server  monitoring.xx.*** 
Connection  Keep-Alive 
HTTP Response Headers
X-Powered-By  PHP/5.3.3-7+squeeze13 
Vary  Accept-Encoding 
Keep-Alive  timeout=15, max=100 
Connection  Keep-Alive 
Transfer-Encoding  chunked 
Content-Type  text/html

Kind regards

Alex
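
An added example, not part of the original post or of Icinga's code: it reads the `required="true"` header validators from a config like SquishLoader.xml and reports which of them a captured request would fail. The XML and header dumps are constructed, abbreviated copies of those in the post, and the mapping from header names to validator arguments (upper case, `-` to `_`) is an assumption based on the config shown.

```python
import xml.etree.ElementTree as ET

NS = {"v": "http://agavi.org/agavi/config/parts/validators/1.0"}

# Constructed, abbreviated copy of the validator config shown in the post.
VALIDATORS_XML = """<ae:configurations
    xmlns="http://agavi.org/agavi/config/parts/validators/1.0"
    xmlns:ae="http://agavi.org/agavi/config/global/envelope/1.0">
  <ae:configuration><validators>
    <validator class="string" name="IfNoneMatch" source="headers" required="false">
      <argument>IF_NONE_MATCH</argument>
    </validator>
    <validator class="string" name="accept_encoding" source="headers" required="true">
      <argument>ACCEPT_ENCODING</argument>
    </validator>
  </validators></ae:configuration>
</ae:configurations>"""

# Constructed, abbreviated header dumps in the "Name   value" layout of the debug log.
DIRECT = "Host  ***.***.xx\nAccept-Encoding  gzip,deflate,sdch\nAccept-Charset  utf-8\n"
PROXIED = "Host  xx.xx.xx.xx\nAccept-Language  de-at\nX-Forwarded-For  xx.xx.xx.xx\n"

def header_keys(dump):
    """Parse a header dump into {KEY: value}; Accept-Encoding -> ACCEPT_ENCODING (assumed mapping)."""
    keys = {}
    for line in dump.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2:
            keys[parts[0].upper().replace("-", "_")] = parts[1].strip()
    return keys

def required_headers(xml_text):
    """Return the <argument> names of header validators marked required="true"."""
    root = ET.fromstring(xml_text)
    names = []
    for v in root.iterfind(".//v:validator[@source='headers']", NS):
        if v.get("required") == "true":
            names += [a.text.strip() for a in v.findall("v:argument", NS)]
    return names

def missing_required(xml_text, dump):
    """Required headers that the captured request does not carry."""
    present = header_keys(dump)
    return [h for h in required_headers(xml_text) if h not in present]

def absent_in_second(first, second):
    """Headers in the first capture but not the second; compare captures from the same client."""
    return sorted(set(header_keys(first)) - set(header_keys(second)))

if __name__ == "__main__":
    print("fails validation on:", missing_required(VALIDATORS_XML, PROXIED))
    print("absent behind proxy:", absent_in_second(DIRECT, PROXIED))
```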
