Category: LINUX

2011-05-04 14:43:43

Tags: Linux FIN_WAIT2 TIME_WAIT
Problem description:
Hi everyone,

Like the topic says, my server has tons of connections in FIN_WAIT2 and TIME_WAIT status and I have no idea what's causing it. It's a new box and it has been like that pretty much from the beginning (the past 6 days). I think the CPU is not overloaded and is always only between 0.2 and 0.5.
I set up a 10-minute cronjob a few hours ago to log the output of netstat -tn into files, and the largest file is 60+ Kbytes.

I would be very thankful, if someone has an idea about what is happening here.

Thanks a lot!

Solution:
You will find the description of FIN_WAIT2 & TIME_WAIT in the man page of netstat: type 'man netstat' in the shell. You can minimize those FIN_WAIT2 & TIME_WAIT states by doing the following:
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
Put the following in /etc/sysctl.conf:
# Enable TCP SYN cookie protection
net.ipv4.tcp_syncookies = 1
# Decrease the time default value for tcp_fin_timeout connection
net.ipv4.tcp_fin_timeout = 30
# Turn off the tcp_window_scaling
net.ipv4.tcp_window_scaling = 0
# Turn off the tcp_sack
net.ipv4.tcp_sack = 0
Then execute the command:
# /sbin/sysctl -p
You can also execute the following commands to minimize SYN attacks in the future:
iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags FIN,RST FIN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,FIN FIN -j DROP
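Before tuning sysctls it helps to know who the half-closed connections belong to. As an added example (not part of the original thread), the following Python script parses the netstat -tn output the poster was already logging and breaks the FIN_WAIT2/TIME_WAIT entries down by remote peer and local port; the sample input is constructed and the helper names are hypothetical.

```python
import re
import sys
from collections import Counter

# Constructed sample of `netstat -tn` output (hypothetical, not the poster's logs).
SAMPLE = """\
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 10.0.0.5:80             203.0.113.7:51234       TIME_WAIT
tcp        0      0 10.0.0.5:80             203.0.113.7:51235       TIME_WAIT
tcp        0      0 10.0.0.5:80             198.51.100.9:40001      FIN_WAIT2
tcp        0      0 10.0.0.5:22             192.0.2.44:55120        ESTABLISHED
tcp        0      0 10.0.0.5:80             203.0.113.7:51236       FIN_WAIT2
tcp6       0      0 ::1:3306                ::1:43210               ESTABLISHED
"""

# One connection line: proto, Recv-Q, Send-Q, local address, foreign address, state.
LINE_RE = re.compile(r"^(tcp6?)\s+\d+\s+\d+\s+(\S+)\s+(\S+)\s+([A-Z_0-9]+)\s*$")

def parse_netstat(text):
    """Return (local, remote, state) tuples; banner and header lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            rows.append((m.group(2), m.group(3), m.group(4)))
    return rows

def split_host_port(addr):
    """Split on the last ':' so IPv6 addresses such as ::1:3306 stay intact."""
    host, _, port = addr.rpartition(":")
    return host, port

def summarize(rows, states=("FIN_WAIT2", "TIME_WAIT")):
    """Count every state, plus remote peers and local ports for the states of interest."""
    by_state = Counter(state for _, _, state in rows)
    peers, local_ports = Counter(), Counter()
    for local, remote, state in rows:
        if state in states:
            peers[split_host_port(remote)[0]] += 1
            local_ports[split_host_port(local)[1]] += 1
    return by_state, peers, local_ports

if __name__ == "__main__":
    text = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE
    by_state, peers, ports = summarize(parse_netstat(text))
    print("states:", dict(by_state))
    # Many peers on one local port: a busy service closing first (usually benign);
    # a few peers dominating the count: misbehaving clients worth a closer look.
    print("top peers:", peers.most_common(3))
    print("local ports:", ports.most_common(3))
```

Pipe one of the cronjob's netstat files into the script (`python3 script.py < netstat.log`) to run it on real data instead of the built-in sample.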