Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: IPtable rules for DNS/http/https traffic for specific hosts only, not working.
Special Forums IP Networking Proxy Server IPtable rules for DNS/http/https traffic for specific hosts only, not working. Post 302899546 by phi0x on Tuesday 29th of April 2014 07:32:13 PM
Old 04-29-2014
yesterday the vps got taken down again due to too many conntrack connections they said again.

I am not sure what logs to look at but when I do netstat -ntulp it shows very few connections when they bring the vps back online. I've monitored all day checking a few times every hour to see how the netstat and the /proc/net/nf_conntrack log shows. Doesn't seem like a crazy amount of connections are being produced. I'd say no more than 1-50 connections, average around 10. Mostly opened connections from dns/proxy from a few of the ip's I have allowed in.

This is no where close to their 25-30k conntrack limit.

Today the server hasn't gone down, the iptable rules are automatically applied upon boot. Shall continue to monitor..
 

8 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Encrypt traffic between Solaris 8 hosts

I have two Solaris 8 hosts that send data to one another throughout the day. It is a legacy system and the programs used are rdist, rcp and ftp. I have been asked to ensure that the data transferred is encrypted beween the two hosts. My first thought was to replace these commands with ssh.... (2 Replies)
Discussion started by: blp001
2 Replies

2. Shell Programming and Scripting

stripping http and https from a url using sed

I have to write a sed script which removes http and https from a URL. So if a URL is https://www.example.com or Example Web Page, script should return me Example Web Page i tried echo $url | sed 's|^http://||g'. It doesn't work. Please help (4 Replies)
Discussion started by: vickylife
4 Replies

3. Shell Programming and Scripting

http and https

Hi friends, I have a local host http://ss3/cgi-bin/page/page_list.cgi running on apache webserver perfectly well. But suddenly, it stopped working and gave an error "Internet explorer Explorer cannot display the webpage". But when i added https, as https://ss3/cgi-bin/page/page_list.cgi the... (2 Replies)
Discussion started by: nmattam
2 Replies

4. UNIX for Advanced & Expert Users

How iptables directs to localhost in this series of iptable rules

Hello, I have implimented a dansguardian system using dansguardian and privoxy. I borrowed a script from Ubuntu CE that makes it where a firewall program like firehol is not needed and it doesn't need a reconfigure of the proxy settings in browsers to be changed. I really like it that way. All... (7 Replies)
Discussion started by: Narnie
7 Replies

5. Web Development

redirect http to https in apache

i read thru a few article how to do it, but i could not get it to work the way i want it. vi ../httpd.conf Redirect permanent /dev https://servername/portal/ when i type servername, works fine. my goal is to type dev, and it takes me to https://servername/portal/ (4 Replies)
Discussion started by: lawsongeek
4 Replies

6. UNIX for Advanced & Expert Users

redirect http traffic

hi, i have freebsd gateway with ipfw as router. Recently i have setup squid-3.1.10 caching server for my lan. I want to redirect http,https traffic from gateway to linux squid box. below is my setup rl0--->xxx.xxx.xxx.xxx (connected to ISP) rl1 -->192.168.1.0/24 (my lan)... (1 Reply)
Discussion started by: goog
1 Replies

7. Web Development

Mod_rewrite http to https

Hi Team, I have a question on the apache mod_rewrite module. I have a requirement of rewriting only specific url's to https. Requirement below:- want to match a word (test) on the url and if matches then it should rewrite to https. example:- ... (1 Reply)
Discussion started by: arumon
1 Replies

8. UNIX for Advanced & Expert Users

Apache - tcpdump get HTTP and HTTPS Headers

Hello I googled for "tcpdump view HOST http headers" -- that fine However can we do same for HTTPS like after the HTTPS gets decrypted by Apache ? I think this is legitimate on the server where the site is hosted since at some point the Apache itself needs to get the HOST patrameter in... (1 Reply)
Discussion started by: coolatt
1 Replies

LEARN ABOUT PHP

mongoclient.close

MONGOCLIENT.CLOSE(3)							 1						      MONGOCLIENT.CLOSE(3)

MongoClient::close - Closes this connection

SYNOPSIS

       public bool MongoClient::close ([boolean|string	$connection])

DESCRIPTION

	The  MongoClient.close(3) method forcefully closes a connection to the database, even if persistent connections are being used. You should
       never have to do this under normal circumstances.

PARAMETERS

	      o $connection
		- If connection is not given, or FALSE then connection that would be selected for writes would be closed. In a single-node config-
		uration,  that	is then the whole connection, but if you are connected to a replica set, close() will only close the connection to
		the primary server.  If connection is TRUE then all connections as known by the  connection  manager  will  be	closed.  This  can
		include  connections that are not referenced in the connection string used to create the object that you are calling close on.	If
		connection is a string argument, then it will only close the connection identified by this hash. Hashes are identifiers for a con-
		nection and can be obtained by calling MongoClient.getConnections(3).

RETURN VALUES

	Returns if the connection was successfully closed.

EXAMPLES

       Example #1

	      MongoClient.close(3) example

	      This example demonstrates how to selectively close all connections for secondaries only.

	      <?php
	      // Connect to a replicaset
	      $a = new MongoClient("mongodb://whisky:13000/?replicaset=seta");

	      $connections = $a->getConnections();

	      foreach ( $connections as $con )
	      {
		  // Loop over all the connections, and when the type is "SECONDARY"
		  // we close the connection
		  if ( $con['connection']['connection_type_desc'] == "SECONDARY" )
		  {
		      echo "Closing '{$con['hash']}': ";
		      $closed = $a->close( $con['hash'] );
		      echo $closed ? "ok" : "failed", "
";
		  }
	      }
	      ?>

	      The above example will output:

	      Closing 'whisky:13001;X;4948': ok

CHANGELOG

       +--------+---------------------------------------------------+
       |Version |						    |
       |	|						    |
       |	|		     Description		    |
       |	|						    |
       +--------+---------------------------------------------------+
       | 1.3.0	|						    |
       |	|						    |
       |	|  The	$connection  parameter to this function was |
       |	| added in 1.3.0. Before that, only the write  con- |
       |	| nection would be closed by this method.	    |
       |	|						    |
       | 1.2.0	|						    |
       |	|						    |
       |	|  Before  version  1.2.0  the driver would not use |
       |	| persistent connections by default, and  all  con- |
       |	| nections  would  be  closed  as soon as a MongoDB |
       |	| connection went out if scope. Since version 1.2.0 |
       |	| this	is  no longer the case and it is a bad idea |
       |	| to call close as you might end up overloading the |
       |	| server with connections under high load.	    |
       |	|						    |
       +--------+---------------------------------------------------+
SEE ALSO 
MongoClient.getConnections(3).
PHP Documentation Group 												      MONGOCLIENT.CLOSE(3)
All times are GMT -4. The time now is 12:44 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy