Ддосят сайт, удалось установить закономерность среди атакующих ботов и все они успешно отсекаются nginx. В среднем в секунду боты генерят 400-600 запросов.
Появилась проблема другого плана
[code]
Apr 24 15:45:52 srv01 kernel: [380345.480476] __ratelimit: 6 messages suppressed
Apr 24 15:45:52 srv01 kernel: [380345.480484] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.484477] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.484791] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.496476] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.496476] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.504579] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.504579] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.504579] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.504579] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:52 srv01 kernel: [380345.508912] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:45:58 srv01 kernel: [380351.992168] __ratelimit: 4011 messages suppressed
Apr 24 15:45:58 srv01 kernel: [380351.992168] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:46:02 srv01 kernel: [380355.568688] __ratelimit: 1469 messages suppressed
Apr 24 15:46:02 srv01 kernel: [380355.568695] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:46:08 srv01 kernel: [380361.861933] __ratelimit: 1837 messages suppressed
Apr 24 15:46:08 srv01 kernel: [380361.861940] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:46:12 srv01 kernel: [380365.898849] __ratelimit: 697 messages suppressed
Apr 24 15:46:12 srv01 kernel: [380365.898856] nf_conntrack: CT 0: table full, dropping packet.
Apr 24 15:46:17 srv01 kernel: [380371.493446] __ratelimit: 2195 messages suppressed
Apr 24 15:46:17 srv01 kernel: [380371.493453] TCP: time wait bucket table overflow (CT0)
Apr 24 15:46:25 srv01 kernel: [380379.194777] __ratelimit: 10 messages suppressed
Apr 24 15:46:25 srv01 kernel: [380379.194784] TCP: time wait bucket table overflow (CT0)
[/code]
[code]
# netstat -ntpa|grep TIME_WAIT |wc -l
13349
[/code]
так понимаю заканчивается количество доступных TIME_WAIT tcp соединений? как это можно увеличить?