紧急求救！！Linux AS4 老是DOWN机-UGxxoVr-ChinaUnix博客

程序员学习

首页　| 　博文目录　| 　关于我

UGxxoVr

博客访问： 818435
博文数量： 756
博客积分： 40000
博客等级：大将
技术积分： 4980
用户组：普通用户
注册时间： 2008-10-13 14:40

文章分类

全部博文（756）

未分配的博文（756）

文章存档

2011年（1）

2008年（755）

我的朋友

最近访客

推荐博文

紧急求救！！Linux AS4 老是DOWN机

分类：

2008-10-13 14:40:21

服务器安装的是RedHat Linux AS4 ，服务器只开了22,21,3306,80端口，一开始运行挺正常的，不过9号2点和今天2点，服务器都DOWN机了，网络不通，SSH也连接不上，不知是什么原因，急死了：（

求救高手指点！不胜感谢。

附：IPtables配置：
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8090 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT

其中8090是apache端口，不过现在已经不用了。80是开给tomcat用的。　　　　　　
--------------------next---------------------
附：9号的日志：

Jul 9 04:02:37 localhost syslogd 1.4.1: restart.
Jul 9 04:02:42 localhost kernel: audit(1152388962.335:0): avc: denied { write } for pid=27354 exe=/usr/sbin/httpd name=mibs dev=dm-0 ino=4114959 scontext=root:system_r:httpd_t tcontext=system_u

bject_r:usr_t tclass=dir
Jul  9 04:02:47 localhost crond(pam_unix)[3579]: session closed for user root
Jul  9 04:05:01 localhost crond(pam_unix)[4193]: session opened for user root by (uid=0)
Jul  9 04:05:02 localhost crond(pam_unix)[4193]: session closed for user root
Jul  9 04:10:01 localhost crond(pam_unix)[4195]: session opened for user root by (uid=0)
Jul  9 04:10:01 localhost crond(pam_unix)[4197]: session opened for user root by (uid=0)
Jul  9 04:10:01 localhost crond(pam_unix)[4197]: session closed for user root
Jul  9 04:10:01 localhost crond(pam_unix)[4195]: session closed for user root
Jul  9 04:15:01 localhost crond(pam_unix)[4200]: session opened for user root by (uid=0)
Jul  9 04:15:01 localhost crond(pam_unix)[4200]: session closed for user root
Jul  9 04:20:01 localhost crond(pam_unix)[4202]: session opened for user root by (uid=0)
Jul  9 04:20:01 localhost crond(pam_unix)[4203]: session opened for user root by (uid=0)
Jul  9 04:20:01 localhost crond(pam_unix)[4203]: session closed for user root
Jul  9 04:20:02 localhost crond(pam_unix)[4202]: session closed for user root
Jul  9 04:22:01 localhost crond(pam_unix)[4209]: session opened for user root by (uid=0)
Jul  9 04:24:45 localhost crond(pam_unix)[4209]: session closed for user root
Jul  9 04:25:01 localhost crond(pam_unix)[7157]: session opened for user root by (uid=0)
Jul  9 04:25:02 localhost crond(pam_unix)[7157]: session closed for user root
Jul  9 04:30:01 localhost crond(pam_unix)[7159]: session opened for user root by (uid=0)
Jul  9 04:30:01 localhost crond(pam_unix)[7161]: session opened for user root by (uid=0)
Jul  9 04:30:01 localhost crond(pam_unix)[7161]: session closed for user root
Jul  9 04:30:01 localhost crond(pam_unix)[7159]: session closed for user root
Jul  9 04:35:01 localhost crond(pam_unix)[7164]: session opened for user root by (uid=0)
Jul  9 04:35:01 localhost crond(pam_unix)[7164]: session closed for user root
Jul  9 04:40:01 localhost crond(pam_unix)[7166]: session opened for user root by (uid=0)
Jul  9 04:40:01 localhost crond(pam_unix)[7167]: session opened for user root by (uid=0)
Jul  9 04:40:01 localhost crond(pam_unix)[7167]: session closed for user root
Jul  9 04:40:01 localhost crond(pam_unix)[7166]: session closed for user root
Jul  9 04:45:02 localhost crond(pam_unix)[7174]: session opened for user root by (uid=0)
Jul  9 04:45:02 localhost crond(pam_unix)[7174]: session closed for user root
Jul  9 04:50:01 localhost crond(pam_unix)[7178]: session opened for user root by (uid=0)
Jul  9 04:50:01 localhost crond(pam_unix)[7179]: session opened for user root by (uid=0)
Jul  9 04:50:01 localhost crond(pam_unix)[7179]: session closed for user root
Jul  9 04:50:02 localhost crond(pam_unix)[7178]: session closed for user root
Jul  9 04:55:01 localhost crond(pam_unix)[7183]: session opened for user root by (uid=0)
Jul  9 04:55:01 localhost crond(pam_unix)[7183]: session closed for user root
Jul  9 05:00:01 localhost crond(pam_unix)[7185]: session opened for user root by (uid=0)
Jul  9 05:00:01 localhost crond(pam_unix)[7186]: session opened for user root by (uid=0)
Jul  9 05:00:01 localhost crond(pam_unix)[7186]: session closed for user root
Jul  9 05:00:01 localhost crond(pam_unix)[7185]: session closed for user root
Jul  9 05:01:01 localhost crond(pam_unix)[7190]: session opened for user root by (uid=0)
Jul  9 05:01:01 localhost crond(pam_unix)[7190]: session closed for user root
Jul  9 05:05:01 localhost crond(pam_unix)[7200]: session opened for user root by (uid=0)
Jul  9 05:05:02 localhost crond(pam_unix)[7200]: session closed for user root
Jul  9 05:10:01 localhost crond(pam_unix)[7202]: session opened for user root by (uid=0)
Jul  9 05:10:01 localhost crond(pam_unix)[7204]: session opened for user root by (uid=0)
Jul  9 05:10:01 localhost crond(pam_unix)[7204]: session closed for user root
Jul  9 05:10:01 localhost crond(pam_unix)[7202]: session closed for user root
Jul  9 05:15:01 localhost crond(pam_unix)[7207]: session opened for user root by (uid=0)
Jul  9 05:15:01 localhost crond(pam_unix)[7207]: session closed for user root
Jul  9 05:20:01 localhost crond(pam_unix)[7209]: session opened for user root by (uid=0)
Jul  9 05:20:01 localhost crond(pam_unix)[7211]: session opened for user root by (uid=0)
Jul  9 05:20:01 localhost crond(pam_unix)[7211]: session closed for user root
Jul  9 05:20:02 localhost crond(pam_unix)[7209]: session closed for user root
Jul  9 05:25:01 localhost crond(pam_unix)[7214]: session opened for user root by (uid=0)
Jul  9 05:25:01 localhost crond(pam_unix)[7214]: session closed for user root
Jul  9 05:30:01 localhost crond(pam_unix)[7217]: session opened for user root by (uid=0)
Jul  9 05:30:01 localhost crond(pam_unix)[7216]: session opened for user root by (uid=0)
Jul  9 05:30:01 localhost crond(pam_unix)[7217]: session closed for user root
Jul  9 05:30:01 localhost crond(pam_unix)[7216]: session closed for user root
Jul  9 05:35:01 localhost crond(pam_unix)[7221]: session opened for user root by (uid=0)
Jul  9 05:35:02 localhost crond(pam_unix)[7221]: session closed for user root
Jul  9 05:40:01 localhost crond(pam_unix)[7223]: session opened for user root by (uid=0)
Jul  9 05:40:01 localhost crond(pam_unix)[7224]: session opened for user root by (uid=0)
Jul  9 05:40:01 localhost crond(pam_unix)[7224]: session closed for user root
Jul  9 05:40:01 localhost crond(pam_unix)[7223]: session closed for user root
Jul  9 05:45:01 localhost crond(pam_unix)[7228]: session opened for user root by (uid=0)
Jul  9 05:45:01 localhost crond(pam_unix)[7228]: session closed for user root
Jul  9 05:50:01 localhost crond(pam_unix)[7232]: session opened for user root by (uid=0)
Jul  9 05:50:01 localhost crond(pam_unix)[7234]: session opened for user root by (uid=0)
Jul  9 05:50:01 localhost crond(pam_unix)[7234]: session closed for user root
Jul  9 05:50:02 localhost crond(pam_unix)[7232]: session closed for user root
Jul  9 05:55:01 localhost crond(pam_unix)[7237]: session opened for user root by (uid=0)
Jul  9 05:55:01 localhost crond(pam_unix)[7237]: session closed for user root
Jul  9 06:00:01 localhost crond(pam_unix)[7239]: session opened for user root by (uid=0)
Jul  9 06:00:01 localhost crond(pam_unix)[7241]: session opened for user root by (uid=0)
Jul  9 06:00:01 localhost crond(pam_unix)[7241]: session closed for user root
Jul  9 06:00:01 localhost crond(pam_unix)[7239]: session closed for user root
Jul  9 06:01:01 localhost crond(pam_unix)[7244]: session opened for user root by (uid=0)
Jul  9 06:01:01 localhost crond(pam_unix)[7244]: session closed for user root
Jul  9 06:05:01 localhost crond(pam_unix)[7254]: session opened for user root by (uid=0)
Jul  9 06:05:01 localhost crond(pam_unix)[7254]: session closed for user root
Jul  9 06:10:01 localhost crond(pam_unix)[7256]: session opened for user root by (uid=0)
Jul  9 06:10:01 localhost crond(pam_unix)[7258]: session opened for user root by (uid=0)
Jul  9 06:10:02 localhost crond(pam_unix)[7258]: session closed for user root
Jul  9 06:10:02 localhost crond(pam_unix)[7256]: session closed for user root
Jul  9 06:15:01 localhost crond(pam_unix)[7261]: session opened for user root by (uid=0)
Jul  9 06:15:01 localhost crond(pam_unix)[7261]: session closed for user root
Jul  9 06:20:01 localhost crond(pam_unix)[7263]: session opened for user root by (uid=0)
Jul  9 09:13:25 localhost kernel: e1000: eth0: e1000_watchdog: NIC Link is Down
Jul  9 09:13:28 localhost kernel: e1000: eth0: e1000_watchdog: NIC Link is Up 100 Mbps Full Duplex
Jul  9 09:55:04 localhost kernel: e1000: eth0: e1000_watchdog: NIC Link is Down
Jul  9 09:55:05 localhost kernel: e1000: eth0: e1000_watchdog: NIC Link is Up 100 Mbps Full Duplex
Jul  9 10:40:07 localhost sshd(pam_unix)[7663]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200  user=cyrus
Jul  9 10:40:11 localhost unix_chkpwd[7667]: check pass; user unknown
Jul  9 10:40:11 localhost sshd(pam_unix)[7665]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200
Jul  9 10:40:14 localhost unix_chkpwd[7670]: check pass; user unknown
Jul  9 10:40:14 localhost sshd(pam_unix)[7668]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200
Jul  9 10:40:18 localhost sshd(pam_unix)[7671]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200  user=ftp
Jul  9 10:40:22 localhost unix_chkpwd[7675]: check pass; user unknown
Jul  9 10:40:22 localhost sshd(pam_unix)[7673]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200
Jul  9 10:40:26 localhost unix_chkpwd[7678]: check pass; user unknown
Jul  9 10:40:26 localhost sshd(pam_unix)[7676]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200
Jul  9 10:40:30 localhost unix_chkpwd[7681]: check pass; user unknown
Jul  9 10:40:30 localhost sshd(pam_unix)[7679]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200
Jul  9 10:40:34 localhost sshd(pam_unix)[7682]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200  user=postfix
Jul  9 10:40:37 localhost sshd(pam_unix)[7684]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200  user=postgres
Jul  9 10:40:41 localhost unix_chkpwd[7688]: check pass; user unknown
这是一部分，　　　　　　
--------------------next---------------------
附：9号2点左右DOWN机时的日志
Jul 9 13:44:00 localhost sshd(pam_unix)[9610]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:05 localhost unix_chkpwd[9615]: check pass; user unknown
Jul 9 13:44:05 localhost sshd(pam_unix)[9613]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:11 localhost unix_chkpwd[9618]: check pass; user unknown
Jul 9 13:44:11 localhost sshd(pam_unix)[9616]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:16 localhost unix_chkpwd[9621]: check pass; user unknown
Jul 9 13:44:16 localhost sshd(pam_unix)[9619]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:21 localhost unix_chkpwd[9624]: check pass; user unknown
Jul 9 13:44:21 localhost sshd(pam_unix)[9622]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:26 localhost unix_chkpwd[9627]: check pass; user unknown
Jul 9 13:44:26 localhost sshd(pam_unix)[9625]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:31 localhost unix_chkpwd[9630]: check pass; user unknown
Jul 9 13:44:31 localhost sshd(pam_unix)[9628]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:45:01 localhost crond(pam_unix)[9631]: session opened for user root by (uid=0)
Jul 9 13:45:02 localhost crond(pam_unix)[9631]: session closed for user root
Jul 9 13:50:01 localhost crond(pam_unix)[9636]: session opened for user root by (uid=0)
Jul 9 13:50:01 localhost crond(pam_unix)[9638]: session opened for user root by (uid=0)
Jul 9 13:50:01 localhost crond(pam_unix)[9638]: session closed for user root
Jul 9 13:50:01 localhost crond(pam_unix)[9636]: session closed for user root
Jul 9 13:55:01 localhost crond(pam_unix)[9641]: session opened for user root by (uid=0)
Jul 9 13:55:02 localhost crond(pam_unix)[9641]: session closed for user root
Jul 9 14:00:01 localhost crond(pam_unix)[9643]: session opened for user root by (uid=0)
Jul 9 14:00:01 localhost crond(pam_unix)[9644]: session opened for user root by (uid=0)
Jul 9 14:00:01 localhost crond(pam_unix)[9644]: session closed for user root
Jul 9 14:00:01 localhost crond(pam_unix)[9643]: session closed for user root
Jul 9 14:01:01 localhost crond(pam_unix)[9648]: session opened for user root by (uid=0)
Jul 9 14:01:01 localhost crond(pam_unix)[9648]: session closed for user root
Jul 9 14:03:19 localhost kernel: e1000: eth0: e1000_watchdog: NIC Link is Down
Jul 9 14:05:01 localhost crond(pam_unix)[9658]: session opened for user root by (uid=0)
Jul 9 14:05:01 localhost crond(pam_unix)[9658]: session closed for user root
Jul 9 14:10:01 localhost crond(pam_unix)[9660]: session opened for user root by (uid=0)
Jul 9 14:10:01 localhost crond(pam_unix)[9661]: session opened for user root by (uid=0)
Jul 9 14:10:01 localhost crond(pam_unix)[9661]: session closed for user root
Jul 9 14:10:02 localhost crond(pam_unix)[9660]: session closed for user root
Jul 9 14:15:01 localhost crond(pam_unix)[9665]: session opened for user root by (uid=0)
Jul 9 14:15:01 localhost crond(pam_unix)[9665]: session closed for user root
Jul 9 14:20:01 localhost crond(pam_unix)[9668]: session opened for user root by (uid=0)
Jul 9 14:20:01 localhost crond(pam_unix)[9667]: session opened for user root by (uid=0)
Jul 9 14:20:01 localhost crond(pam_unix)[9668]: session closed for user root
Jul 9 14:20:01 localhost crond(pam_unix)[9667]: session closed for user root
Jul 9 14:25:01 localhost crond(pam_unix)[9672]: session opened for user root by (uid=0)
Jul 9 14:25:01 localhost crond(pam_unix)[9672]: session closed for user root
Jul 9 14:30:01 localhost crond(pam_unix)[9674]: session opened for user root by (uid=0)
Jul 9 14:30:01 localhost crond(pam_unix)[9676]: session opened for user root by (uid=0)
Jul 9 14:30:02 localhost crond(pam_unix)[9676]: session closed for user root
Jul 9 14:30:02 localhost crond(pam_unix)[9674]: session closed for user root
Jul 9 14:35:01 localhost crond(pam_unix)[9679]: session opened for user root by (uid=0)
Jul 9 14:35:01 localhost crond(pam_unix)[9679]: session closed for user root
Jul 9 14:40:01 localhost crond(pam_unix)[9681]: session opened for user root by (uid=0)
Jul 9 14:40:01 localhost crond(pam_unix)[9682]: session opened for user root by (uid=0)
Jul 9 14:40:01 localhost crond(pam_unix)[9682]: session closed for user root
Jul 9 14:40:01 localhost crond(pam_unix)[9681]: session closed for user root
Jul 9 14:41:38 localhost shutdown: shutting down for system halt
Jul 9 14:41:38 localhost init: Switching to runlevel: 0
Jul 9 14:41:40 localhost cups-config-daemon: cups-config-daemon -TERM succeeded
Jul 9 14:41:40 localhost haldaemon: haldaemon -TERM succeeded
Jul 9 14:41:40 localhost messagebus: messagebus -TERM succeeded
Jul 9 14:41:40 localhost dbus: avc: 3 AV entries and 3/512 buckets used, longest chain length 1
Jul 9 14:41:41 localhost gpm[2381]: *** info [mice.c(1766)]:
Jul 9 14:41:41 localhost gpm[2381]: imps2: Auto-detected intellimouse PS/2
Jul 9 14:41:42 localhost atd: atd shutdown succeeded
Jul 9 14:41:42 localhost cups: cupsd shutdown succeeded
Jul 9 14:41:42 localhost xfs[2486]: terminating
Jul 9 14:41:42 localhost xfs: xfs shutdown succeeded　　　　　　
--------------------next---------------------

阅读(418) | 评论(0) | 转发(0) |

上一篇：【求助】有高手可以帮帮我嘛。

下一篇：紧急求救！！Linux AS4 老是DOWN机

给主人留下些什么吧！~~

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6