分类: 系统运维
2011-06-29 09:43:31
① Jun 16 18:55:19 squid kernel: possible SYN flooding on port 80. Sending cookies.
Jun 16 18:55:20 squid kernel: printk: 6 messages suppressed.
解决方法:原因为syncookies数值过低(该选项的作用主要是防范SYN泛红攻击)
#vi /etc/sysctl.conf
net.ipv4.tcp_max_syn_backlog = 65535
:wq!
#sysctl –p /etc/sysctl.conf
② .Jun 16 20:01:20 squid1 kernel: ip_conntrack: table full, dropping packet.
解决方法:原因为系统的IP连接数过少,增大即可.
#vi /etc/sysctl.conf
net.ipv4.ip_conntrack_max = 524288
:wq!
#sysctl –p /etc/sysctl.conf
③. 2011/06/17 16:30:31| WARNING: Forwarding loop detected for:
Client: 10.12.12.9 http_port: 10.12.12.9:80
GET HTTP/1.0
Referer:
Accept: */*
ThreadID: 4960
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; GTB6; InfoPath.2; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 1.1.4322; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
Host: 10.12.12.9
Via: 1.1 squid1.aaa.com:80 (squid), 1.0 squid1.aaa.com:80 (squid)
X-Forwarded-For: xxx.xxx.xxx.xxx, 10.12.12.9
Cache-Control: no-cache, max-age=259200
Connection: keep-alive
解决方法:引起该问题的是squid配置原因,在配置文件里有两条内容相同ACL,且在访问控制项,两条ACL同时应用引起.将两条ACL归为一条,且在http_access选项里做同样修改.
④ . 2011/06/28 10:15:13| squidaio_queue_request: WARNING - Disk I/O overloading
解决方法:I/O超载,适当调整squid缓存目录的大小