similar to: tcp_tw_recycle / tcp_tw_reuse

This was due to a ProxyRequests On Let this be a lesson to all. [root at localhost log]# cat /proc/net/ip_conntrack | wc -l 11042 [root at localhost log]# cat /proc/sys/net/ipv4/ip_conntrack_max 28632 [root at localhost log]# cat /var/log/messages ... Sep 2 04:04:30 localhost kernel: printk: 213 messages suppressed. Sep 2 04:04:30 localhost kernel: ip_conntrack: table full, dropping

First off, a disclaimer: this is not a problem with openssh per se as it is also occurring with other software on my server, but I was hoping someone reading this might know more about the problem than I do. Thank you very much in advance for your help. Problem: connecting to the server via sftp results in a hang here: if (select(max+1, rset, wset, NULL, NULL) < 0) { which is line 1428 from

https://bugzilla.netfilter.org/show_bug.cgi?id=1021 Pablo Neira Ayuso <pablo at netfilter.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED CC| |pablo at netfilter.org --- Comment #1 from Pablo

Hello, today I came to my job and I noticed that apache is not running. When I tried to run it, I learned that port 80 uis already in use. Using netstat -aenpl I tried to learn wha proces is using port 80, but I only leatned this: tcp 0 0 172.16.0.1:80 172.16.0.1:35664 SYN_RECV 0 0 - tcp 0 0 172.16.0.1:80 172.16.0.1:43464 SYN_RECV 0 0 - tcp 0 0 172.16.0.1:80 172.16.0.1:33764 SYN_RECV 0 0 - tcp

Hi, I am not sure to report this as a bug. so mailing to the list. I have sshd(openssh3.5p1) server running on my router and when i run tcpjunk to that port, sshd gets killed after some time 192.168.71.1 is my sshd server and 192.168.71.4 is my client from where i send my dos attack This is the tcpjunk command i gave to the ssh server #tcpjunk -s 192.168.71.1 -p 22 -c req -i 100 req session

Hi there, I have some DDOS(?) attack on my router going where my apache HTTP server is flooded with short-timed connections from some host. This results in LOTS of sockets in TIME_WAIT/LAST_ACK/CLOSING states and eventually I'm out of mbufs, which, consequently means I can't even connect to the router from LAN. The kern.ipc.nmbclusters is 2560, (I guess high enough for router with

I have the need to know how many connection the server has, i run this command but i don't know how to sum all the results and get a final number. any ideas? netstat -an | grep -E 'tcp|udp' | awk '{print $6}' | sort | uniq -c | sort -n ?? 1 CLOSE_WAIT ?? 1 FIN_WAIT_2 ?? 1 LAST_ACK ?? 1 TIME_WAIT ?? 4 SYN_SENT ? 15 ? 37 LISTEN ? 44 ESTABLISHED

I am trying to run ssh to a server continuously and quickly. Out of about 10-12 times of good run or result, once the client gets stuck. It does not connect. This we are observing after upgrading both the server and client to OpenSSL 9.6p1. We are running this cmd on the client side: ssh -vvv -p 1022 -o UserKnownHostsFile=/dev/null -o GSSAPIAuthentication=no -o StrictHostKeyChecking=no -o

Hi, I''m serving the puppetmaster application with its config.ru through unicorn - proxied by nginx. I''m using unix sockets, 4 workers, and 2048 backlog. The clients - after their typical "puppet run" - send back a report to the master in YAML. Some clients whose reports tend to be large (close to 2mb) get a 502 bad gateway error and error out. nginx log: 2010/10/22

OK, Something wacky. I'm getting many, many of these, it just keeps building: --snip-- netstat -vat: tcp 0 0 192.168.103.99:http statusurl.e-gold.com:57015 SYN_RECV tcp 0 0 192.168.103.99:http statusurl.e-gold.com:26377 SYN_RECV tcp 0 0 192.168.103.99:http statusurl.e-gold.com:64279 SYN_RECV tcp 0 0

> On Jul 28, 2015, at 21:52 , Steffan Cline <steffan at hldns.com> wrote: > > Ok, I think I have come a little further. > > When dovecot stops accepting connections, I checked netstat and found this: > > [root at hosting1 ~]# netstat -an | grep 993 > tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN > tcp 0 0

hi ya On Tue, Jul 28, 2015 at 11:35:31PM -0400, Chris Ross wrote: > > > On Jul 28, 2015, at 21:52 , Steffan Cline <steffan at hldns.com> wrote: > > > > Ok, I think I have come a little further. > > > > When dovecot stops accepting connections, I checked netstat and found this: > > > > [root at hosting1 ~]# netstat -an | grep 993 > >

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 28 Jul 2015, Steffan Cline wrote: > When dovecot stops accepting connections, I checked netstat and found this: > > [root at hosting1 ~]# netstat -an | grep 993 > tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN > tcp 0 0 65.39.x.x:993 184.101.x.x:36351 SYN_RECV

Steffen, I checked 993 since I was using SSL for sending/receiving but imagine it?ll look the same if I check any of the other ports. When I tested via telnet, I checked from my home, not on the server to itself. ?telnet host.com imap? I don?t have an answer for you on the state yet since it?s working at the moment. As far as which processes, I try to connect and no matter what, I don?t get

Ok, I think I have come a little further. When dovecot stops accepting connections, I checked netstat and found this: [root at hosting1 ~]# netstat -an | grep 993 tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN tcp 0 0 65.39.x.x:993 184.101.x.x:36351 SYN_RECV tcp 0 0 65.39.x.x:993 107.212.x.x:51487

After fixing the "duplicate compression" problem, we're now encountering "imap-login: Error: proxy(USERNAME): connect(10.x.x.178, 993) failed: Cannot assign requested address (after 0 secs, local=10.x.x.100)" in the logs. We already tried raising the ulimit, the max number of open files. Once we reach about 25k connections, we're getting the error above... for all

I hate it when I crash my email server. Here's what tailing /var/log/qmail/qmail-smtp/current gives me: [root at toast jack]# tail /var/log/qmail/qmail-smtpd/current @400000004e9ddbd031610f54 tcpserver: status: 0/20 @400000004e9ddbd72c767c04 tcpserver: status: 1/20 @400000004e9ddbd72c7ab60c tcpserver: pid 12039 from 210.76.164.235 @400000004e9ddbd739a20d1c tcpserver: ok 12039

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=511 Summary: Premature ip_conntrack timer expiry on 3+ window size advertisements Product: netfilter/iptables Version: linux-2.6.x Platform: All OS/Version: All Status: NEW Severity: minor Priority: P2 Component: ip_conntrack

Hello everybody, I''m new to Xen so forgive me if this is already well known issue. I''m using Ubuntu server 7.04 (feisty) with Xen 3.0.3 Everything works perfectly, apart from networking in NAT mode. With bridging it works, with NAT it works, well, quite strange. Namely, pings go through and name resolution works. But when I try to use anything substantial, then

It has been some posting about this issue, but I cant find a solution I can't log on to my ldap server port 389 with my browser. service seems to be running. I am not running selinux, port 389 are open on both client and server. Message from browser: Access to this port is disabled for security reasons. Added command (hint from earlier posting) and got this list # netstat -aptn | grep