Displaying 9 results from an estimated 9 matches for "fin_wait".
Did you mean:
fin_wait1
2016 Feb 16
0
[Bug 1021] iptables -j CT --timeout policy
...est-tcp-2
-A PREROUTING -p tcp -m tcp --dport 1414 -j CT --timeout test-tcp
COMMIT
# nfct list timeout
.test-tcp = {
.l3proto = 2,
.l4proto = 6,
.policy = {
.SYN_SENT = 120,
.SYN_RECV = 60,
.ESTABLISHED = 100,
.FIN_WAIT = 120,
.CLOSE_WAIT = 10,
.LAST_ACK = 30,
.TIME_WAIT = 120,
.CLOSE = 10,
.SYN_SENT2 = 120,
.RETRANS = 300,
.UNACKNOWLEDGED = 300,
},
};
.test-tcp-2 = {
.l3proto = 2,...
2014 Dec 11
3
httpd listening only on IPv6 interface on CentOS 7
On Dec 11, 2014, at 3:10 AM, Alexander Dalloz <ad+lists at uni-x.org> wrote:
> Am 11.12.2014 um 04:48 schrieb Warren Young:
>>
>> the stock configuration of Apache only listens for IPv6 connections:
>
> No, that's just the way it is displayed for apache. In fact the service listens on IPv4 as well (given we speak about the default configuration with `Listen
2014 Dec 12
0
httpd listening only on IPv6 interface on CentOS 7
...he netstat oddity, and *then* we found that
> changing the Listen line in httpd.conf fixed it.
>
> That leaves me still wanting an explanation for what happened.
>
was the fix the config change or restarting of the service?
did netstat show client connections to port 80 in other
states(FIN_WAIT/etc)?
high load apache websites can often run out of connections due to the
limits in httpd.conf "<IfModule prefork.c>" section. these limits can be
increased if clients can no longer connect due to http child processes
being stuck in other tcp states.
2017 Nov 28
3
[Bug 1203] New: 'DisableExternalCache On' seems to be broken
...e Nov 28 09:53:41 2017] (pid=2286) [ERROR] inject-upd1: Invalid argument
Tue Nov 28 09:53:41 2017 tcp 6 ESTABLISHED src=192.168.2.10 dst=x.x.x.x
sport=39554 dport=443 [ASSURED]
[Tue Nov 28 09:53:41 2017] (pid=2286) [ERROR] inject-upd1: Invalid argument
Tue Nov 28 09:53:41 2017 tcp 6 FIN_WAIT src=192.168.2.10 dst=x.x.x.x
sport=39554 dport=443 [ASSURED]
[Tue Nov 28 09:53:41 2017] (pid=2286) [ERROR] inject-upd1: Invalid argument
Tue Nov 28 09:53:41 2017 tcp 6 CLOSE src=192.168.2.10 dst=x.x.x.x
sport=39554 dport=443 [ASSURED]
Regards
/Johan
--
You are receiving this mail becaus...
2009 Jan 14
5
troubles with 1.1.8 and squirrelmail over HTTPS
Hello
I noticed a problem after upgrading to 1.1.8
Users that access to their mailboxes using webmail squirrelmail and HTTPS
using HTTP seems to work correctly but it not safe enough ...
There is an error message saying the imap server send a BYE command ...
I downgraded our Dovecot server to 1.1.7 then it works again ...
Does somebody has the same problem ?
--
Cordialement
Frank Bonnet
2008 Jul 23
3
login processes from attacks staying for hours
I'm in the process of rolling out new setups with dovecot on CentOS 5.2
and I notice that dovecot doesn't handle the brute-force attacks too nice.
I reduced the limit a bit to some reasonable looking value:
login_max_processes_count = 32
to stop them earlier and the number of processes stops at that figure when
an attack happens.
However, it stays at this count for hours although the
2008 May 28
2
Sockets stuck in FIN_WAIT_1
...g or in /var/log/messages.
The server has plenty free available physical RAM, swap is untouched,
CPU load is low, etc. Apache is setup to handle a max of 100 clients
using prefork model.
If I stop and restart Apache, it does not help.
What I do notice is 1000's of sockets stuck in "FIN_WAIT_1" in netstat:
[web0:~] netstat -an | grep FIN_WAIT | wc -l
1827
These stick around forever. Some eventually trickle away after hours,
but the only thing that appears to fix it is to reboot the server.
Then all is fine for another day or so. I've tried just about every
tuni...
2009 Sep 30
1
Update on protection against slowloris
Hi list!
We tested mod_antiloris 0.4 and found it quite efficient, but before
putting it in production, we would like to hear some feedback from
freebsd users. We are using Apache 2.2.x on Freebsd 6.2 and 7.2. Is
anyone using it? Do you have any other way to patch against Slowloris
other than putting a proxy in front or using the HTTP accept filter?
Thanks for your feedback,
Martin
2003 Mar 28
9
Squid
I''m attempting to setup Squid as shown on:
http://shorewall.sourceforge.net/Shorewall_Squid_Usage.html#DMZ
The firewall is a Bering 1.0 firewall running Shorewall 1.3.11, Red Hat
7.2 on the server in the DMZ. I''m not seeing the requests come in to the
server using tcpdump. The server is 192.168.2.1 connecting to eth2 on the
firewall, the local traffic I''m trying to