Nginx-ru mailing list archive (nginx-ru@sysoev.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Nginx, Linux и DDOS
- To: nginx-ru@xxxxxxxxx
- Subject: Nginx, Linux и DDOS
- From: "sba" <nginx-forum@xxxxxxxx>
- Date: Sat, 24 Apr 2010 08:05:58 -0400
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mickey.jlkhosting.com; s=x; h=Sender:From:Message-ID:Content-Transfer-Encoding:Content-Type:Subject:To:Date; bh=NyQsJ8yVBIZ53nw9BS9MElpMUj2zYrqWl+GsoRSbxNo=; b=J4NA8KiQhBn6heekP9mCmtDbdZ6Di60CpI2NpNbVdnvqPmlGHbR/4XPVc2Fz415SanwPEzcJjJA2N0Qc7Eid0sJdMKWMAep0HnStxDjwBt9XBCT3CLRTP47wFhG2YrUO;
Ддосят сайт, удалось установить закономерность среди атакующих ботов и все они
успешно отсекаются nginx. В среднем в секунду боты генерят 400-600 запросов.
Появилась проблема другого плана
Apr 24 15:45:52 srv01 kernel: [380345.480476] __ratelimit: 6 messages suppressed
Apr 24 15:45:52 srv01 kernel: [380345.480484] nf_conntrack: CT 0: table full,
dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.484477] nf_conntrack: CT 0: table full,
dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.484791] nf_conntrack: CT 0: table full,
dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.496476] nf_conntrack: CT 0: table full,
dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.496476] nf_conntrack: CT 0: table full,
dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.504579] nf_conntrack: CT 0: table full,
dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.504579] nf_conntrack: CT 0: table full,
dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.504579] nf_conntrack: CT 0: table full,
dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.504579] nf_conntrack: CT 0: table full,
dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.508912] nf_conntrack: CT 0: table full,
dropping packet.
Apr 24 15:45:58 srv01 kernel: [380351.992168] __ratelimit: 4011 messages
suppressed
Apr 24 15:45:58 srv01 kernel: [380351.992168] nf_conntrack: CT 0: table full,
dropping packet.
Apr 24 15:46:02 srv01 kernel: [380355.568688] __ratelimit: 1469 messages
suppressed
Apr 24 15:46:02 srv01 kernel: [380355.568695] nf_conntrack: CT 0: table full,
dropping packet.
Apr 24 15:46:08 srv01 kernel: [380361.861933] __ratelimit: 1837 messages
suppressed
Apr 24 15:46:08 srv01 kernel: [380361.861940] nf_conntrack: CT 0: table full,
dropping packet.
Apr 24 15:46:12 srv01 kernel: [380365.898849] __ratelimit: 697 messages
suppressed
Apr 24 15:46:12 srv01 kernel: [380365.898856] nf_conntrack: CT 0: table full,
dropping packet.
Apr 24 15:46:17 srv01 kernel: [380371.493446] __ratelimit: 2195 messages
suppressed
Apr 24 15:46:17 srv01 kernel: [380371.493453] TCP: time wait bucket table
overflow (CT0)
Apr 24 15:46:25 srv01 kernel: [380379.194777] __ratelimit: 10 messages
suppressed
Apr 24 15:46:25 srv01 kernel: [380379.194784] TCP: time wait bucket table
overflow (CT0)
# netstat -ntpa|grep TIME_WAIT |wc -l
13349
так понимаю заканчивается количество доступных TIME_WAIT tcp соединений? как
это можно увеличить?
Posted at Nginx Forum: http://forum.nginx.org/read.php?21,78756,78756#msg-78756
_______________________________________________
nginx-ru mailing list
nginx-ru@xxxxxxxxx
http://nginx.org/mailman/listinfo/nginx-ru
|