Hello:
I have a machine running CentOS 5 x86_64.
It is running apache httpd and tomcat.
For some reason, after running for a few days, web requests stop responding. It happened again this morning. I checked the syslog and saw a HUGE number of log entries like this:
OUTPUT IN= OUT=eth0 SRC=[MyIP] DST=[OutsideIP] LEN=532 TOS=0x00 PREC=0x00 TTL=64 ID=52669 DF PROTO=TCP SPT=80 DPT=54697 WINDOW=61 RES=0x00 ACK PSH FIN URGP=0
Here are my iptables commands for http connections (I have the default policy set to drop):
# Allow http connections from the outside world
/sbin/iptables -A INPUT -i eth0 -d $ETH0_IP -p tcp --sport 1024: --dport http -m state --state NEW,ESTABLISHED -j ACCEPT
/sbin/iptables -A OUTPUT -o eth0 -s $ETH0_IP -p tcp --sport http --dport 1024: -m state --state ESTABLISHED -j ACCEPT
Here are some strange things:
1. I have the exact same rules running on two other servers which do not give me any trouble.
2. If I stop and restart httpd and tomcat, the problem goes away. This suggests the firewall is not a problem.
Any ideas what is going on?
Thanks, Neil
-- Neil Aggarwal, (832)245-7314, www.JAMMConsulting.com Eliminate junk email and reclaim your inbox. Visit http://www.spammilter.com for details.