- 论坛徽章:
- 0
|
我的linux服务器最近apache服务总是被攻击,时间长了就死机。
去机房看,屏幕一堆错误代码,显示内存,swap都已经占满。
ssh, ftp包括终端登陆,一概进不去。
重启就好了,然后我发现只要启动apache,就会有这类信息出现:
(环境: fedora2 or centos5.1, httpd-2.2.3)
[root@www1 log]# tail messages
Feb 27 17:02:12 www1 kernel: printk: 2 messages suppressed.
Feb 27 17:02:17 www1 kernel: printk: 3 messages suppressed.
Feb 27 17:02:23 www1 kernel: printk: 2 messages suppressed.
Feb 27 17:02:31 www1 kernel: printk: 3 messages suppressed.
Feb 27 17:02:37 www1 kernel: printk: 6 messages suppressed.
Feb 27 17:02:41 www1 kernel: printk: 1 messages suppressed.
Feb 27 17:02:48 www1 kernel: printk: 7 messages suppressed.
Feb 27 17:02:52 www1 kernel: printk: 3 messages suppressed.
Feb 27 17:03:00 www1 kernel: printk: 4 messages suppressed.
Feb 27 17:03:02 www1 kernel: printk: 1 messages suppressed.
找了好多资料,没发现有解决办法,哪位高人能帮忙啊? 多谢!
相关内核代码:
/*
* This enforces a rate limit: not more than one kernel message
* every 5secs to make a denial-of-service attack impossible.
*
* All warning printk()s should be guarded by this function.
*/
int net_ratelimit(void)
{
static spinlock_t ratelimit_lock = SPIN_LOCK_UNLOCKED;
static unsigned long toks = 10*5*HZ;
static unsigned long last_msg;
static int missed;
unsigned long flags;
unsigned long now = jiffies;
spin_lock_irqsave(&ratelimit_lock, flags);
toks += now - last_msg;
last_msg = now;
if (toks > net_msg_burst)
toks = net_msg_burst;
if (toks >= net_msg_cost) {
int lost = missed;
missed = 0;
toks -= net_msg_cost;
spin_unlock_irqrestore(&ratelimit_lock, flags);
if (lost)
printk(KERN_WARNING "NET: %d messages suppressed.
", lost);
return 1;
}
missed++;
spin_unlock_irqrestore(&ratelimit_lock, flags);
return 0;
} |
|
|