Welcome! Log In Create A New Profile

Advanced

Nginx, Linux и DDOS

sba
April 24, 2010 08:05AM
Ддосят сайт, удалось установить закономерность среди атакующих ботов и все они успешно отсекаются nginx. В среднем в секунду боты генерят 400-600 запросов.

Появилась проблема другого плана

[code]
Apr 24 15:45:52 srv01 kernel: [380345.480476] __ratelimit: 6 messages suppressed
Apr 24 15:45:52 srv01 kernel: [380345.480484] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.484477] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.484791] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.496476] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.496476] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.504579] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.504579] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.504579] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.504579] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.508912] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:58 srv01 kernel: [380351.992168] __ratelimit: 4011 messages suppressed
Apr 24 15:45:58 srv01 kernel: [380351.992168] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:46:02 srv01 kernel: [380355.568688] __ratelimit: 1469 messages suppressed
Apr 24 15:46:02 srv01 kernel: [380355.568695] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:46:08 srv01 kernel: [380361.861933] __ratelimit: 1837 messages suppressed
Apr 24 15:46:08 srv01 kernel: [380361.861940] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:46:12 srv01 kernel: [380365.898849] __ratelimit: 697 messages suppressed
Apr 24 15:46:12 srv01 kernel: [380365.898856] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:46:17 srv01 kernel: [380371.493446] __ratelimit: 2195 messages suppressed
Apr 24 15:46:17 srv01 kernel: [380371.493453] TCP: time wait bucket table overflow (CT0)
Apr 24 15:46:25 srv01 kernel: [380379.194777] __ratelimit: 10 messages suppressed
Apr 24 15:46:25 srv01 kernel: [380379.194784] TCP: time wait bucket table overflow (CT0)
[/code]
[code]
# netstat -ntpa|grep TIME_WAIT |wc -l
13349
[/code]


так понимаю заканчивается количество доступных TIME_WAIT tcp соединений? как это можно увеличить?
Subject Author Posted

Nginx, Linux и DDOS

sba April 24, 2010 08:05AM

Re: Nginx, Linux и DDOS

Bokhan Artem April 24, 2010 08:16AM

Re: Nginx, Linux и DDOS

sba April 24, 2010 08:31AM

Re: Nginx, Linux и DDOS

big bond April 24, 2010 08:36AM

Re: Nginx, Linux и DDOS

Bokhan Artem April 24, 2010 08:38AM

Re: Nginx, Linux и DDOS

sba April 24, 2010 08:45AM

Re: Nginx, Linux и DDOS

Alex Vorona April 24, 2010 08:56AM

Re: Nginx, Linux и DDOS

Никита Кардашин April 24, 2010 09:10AM

Re: Nginx, Linux и DDOS

Никита Кардашин April 24, 2010 09:10AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 144
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready