[mirror-admin] Gigabit NIC saturated.. Rewrite Rule trouble.

Voll, Toivo toivo at acnet.usf.edu
Fri May 16 15:46:30 EDT 2008 

The config in httpd.conf is from
http://fedoraproject.org/wiki/Infrastructure/Mirroring:

RewriteEngine on
RewriteCond %{HTTP:Range} [0-9]$
RewriteRule .iso$ / [F,L,R=403]

And here's the error:

[root at ftp conf]# service httpd configtest
Syntax error on line 303 of /etc/httpd/conf/httpd.conf:
RewriteRule: invalid HTTP response code for flag 'R'

I've also tried the iso -> ftp rewrite rule:
RewriteCond %{REQUEST_METHOD} GET
RewriteRule ^(.*\.iso)$ ftp://myserver/$1  [L,R=301]

And it seems to do the trick -- as long as the client is on IPv4. IPv6
on Vista breaks with both Firefox and IE, and I'm not sure why. The
client goes from HTTP to FTP, logs in, gets the banner and all, and then
just dies with an 425 error.


--
Toivo Voll
Network Administrator
Data Network Management
University of South Florida




-----Original Message-----
From: mirror-list-d-bounces at redhat.com
[mailto:mirror-list-d-bounces at redhat.com] On Behalf Of Paul Mezzanini
Sent: Wednesday, May 14, 2008 6:06 PM
To: A private discussion group for official mirrors of ftp.redhat.com
Subject: Re: Gigabit NIC saturated.. [Re: Fedora 9 bitflip... slow
becauseof the updates

[snip]

Is it just a generic "syntax error" or anything specific?  Can you
attach
the relevant part of your apache config file and the actual error
output?

As for those pesky download accelerators...  Just today I blocked all
resumes for .iso files on my server.  In roughly 15 seconds I had over
60
hits for one file alone across 4 IP addresses.  I tried the block on the
page in the past but it had very little effect.  After some snooping
around,
I learned that some flavor of accelerator just does not put an end on
the
range and dumps the connect after it gets the bytes it wants.  That
bypasses
the rules we have listed.

I looked into making every match give a 416 error because that looked to
be
the most relevant.  ( Requested Range Not Satisfiable )  The machines
kept
pounding on my server so I just set it to 403 before leaving.  They
still
kept pounding even with the 403 so I'm not totally sure how I will
handle
this yet.

How does everyone else handle this problem?

-paul


-- 
Paul Mezzanini
Rochester Institute of Technology
Senior Systems Administrator/Engineer
Research Computing
585.475.2189

--

--

More information about the Mirror-admin mailing list