search for: fin_wait

...est-tcp-2 -A PREROUTING -p tcp -m tcp --dport 1414 -j CT --timeout test-tcp COMMIT # nfct list timeout .test-tcp = { .l3proto = 2, .l4proto = 6, .policy = { .SYN_SENT = 120, .SYN_RECV = 60, .ESTABLISHED = 100, .FIN_WAIT = 120, .CLOSE_WAIT = 10, .LAST_ACK = 30, .TIME_WAIT = 120, .CLOSE = 10, .SYN_SENT2 = 120, .RETRANS = 300, .UNACKNOWLEDGED = 300, }, }; .test-tcp-2 = { .l3proto = 2,...

On Dec 11, 2014, at 3:10 AM, Alexander Dalloz <ad+lists at uni-x.org> wrote: > Am 11.12.2014 um 04:48 schrieb Warren Young: >> >> the stock configuration of Apache only listens for IPv6 connections: > > No, that's just the way it is displayed for apache. In fact the service listens on IPv4 as well (given we speak about the default configuration with `Listen

...he netstat oddity, and *then* we found that > changing the Listen line in httpd.conf fixed it. > > That leaves me still wanting an explanation for what happened. > was the fix the config change or restarting of the service? did netstat show client connections to port 80 in other states(FIN_WAIT/etc)? high load apache websites can often run out of connections due to the limits in httpd.conf "<IfModule prefork.c>" section. these limits can be increased if clients can no longer connect due to http child processes being stuck in other tcp states.

...e Nov 28 09:53:41 2017] (pid=2286) [ERROR] inject-upd1: Invalid argument Tue Nov 28 09:53:41 2017 tcp 6 ESTABLISHED src=192.168.2.10 dst=x.x.x.x sport=39554 dport=443 [ASSURED] [Tue Nov 28 09:53:41 2017] (pid=2286) [ERROR] inject-upd1: Invalid argument Tue Nov 28 09:53:41 2017 tcp 6 FIN_WAIT src=192.168.2.10 dst=x.x.x.x sport=39554 dport=443 [ASSURED] [Tue Nov 28 09:53:41 2017] (pid=2286) [ERROR] inject-upd1: Invalid argument Tue Nov 28 09:53:41 2017 tcp 6 CLOSE src=192.168.2.10 dst=x.x.x.x sport=39554 dport=443 [ASSURED] Regards /Johan -- You are receiving this mail becaus...

Hello I noticed a problem after upgrading to 1.1.8 Users that access to their mailboxes using webmail squirrelmail and HTTPS using HTTP seems to work correctly but it not safe enough ... There is an error message saying the imap server send a BYE command ... I downgraded our Dovecot server to 1.1.7 then it works again ... Does somebody has the same problem ? -- Cordialement Frank Bonnet

I'm in the process of rolling out new setups with dovecot on CentOS 5.2 and I notice that dovecot doesn't handle the brute-force attacks too nice. I reduced the limit a bit to some reasonable looking value: login_max_processes_count = 32 to stop them earlier and the number of processes stops at that figure when an attack happens. However, it stays at this count for hours although the

...g or in /var/log/messages. The server has plenty free available physical RAM, swap is untouched, CPU load is low, etc. Apache is setup to handle a max of 100 clients using prefork model. If I stop and restart Apache, it does not help. What I do notice is 1000's of sockets stuck in "FIN_WAIT_1" in netstat: [web0:~] netstat -an | grep FIN_WAIT | wc -l 1827 These stick around forever. Some eventually trickle away after hours, but the only thing that appears to fix it is to reboot the server. Then all is fine for another day or so. I've tried just about every tuni...

Hi list! We tested mod_antiloris 0.4 and found it quite efficient, but before putting it in production, we would like to hear some feedback from freebsd users. We are using Apache 2.2.x on Freebsd 6.2 and 7.2. Is anyone using it? Do you have any other way to patch against Slowloris other than putting a proxy in front or using the HTTP accept filter? Thanks for your feedback, Martin

I''m attempting to setup Squid as shown on: http://shorewall.sourceforge.net/Shorewall_Squid_Usage.html#DMZ The firewall is a Bering 1.0 firewall running Shorewall 1.3.11, Red Hat 7.2 on the server in the DMZ. I''m not seeing the requests come in to the server using tcpdump. The server is 192.168.2.1 connecting to eth2 on the firewall, the local traffic I''m trying to