kernel: possible SYN flooding on port 80. Sending cookies.

ov 15 20:17:54 sansung201212 kernel: possible SYN flooding on port 80. Sending cookies.
Nov 15 20:18:54 sansung201212 kernel: possible SYN flooding on port 80. Sending cookies.
Nov 15 20:19:54 sansung201212 kernel: possible SYN flooding on port 80. Sending cookies.
Nov 15 20:20:55 sansung201212 kernel: possible SYN flooding on port 80. Sending cookies.
Nov 15 20:21:55 sansung201212 kernel: possible SYN flooding on port 80. Sending cookies.
Nov 15 20:22:55 sansung201212 kernel: possible SYN flooding on port 80. Sending cookies.
Nov 15 20:23:55 sansung201212 kernel: possible SYN flooding on port 80. Sending cookies.
Nov 15 20:24:55 sansung201212 kernel: possible SYN flooding on port 80. Sending cookies.
Nov 15 20:25:55 sansung201212 kernel: possible SYN flooding on port 80. Sending cookies.
Nov 15 20:26:55 sansung201212 kernel: possible SYN flooding on port 80. Sending cookies.
Nov 15 20:27:42 sansung201212 kernel: squid[28864]: segfault at 8b5 ip 00e0b077 sp bfc12880 error 6 in squid[c61000+2f1000]
Nov 15 20:27:44 sansung201212 abrt[29560]: Saved core dump of pid 28864 (/usr/sbin/squid) to /var/spool/abrt/ccpp-2012-11-15-20:27:42-28864 (248262656 bytes)
Nov 15 20:27:44 sansung201212 abrtd: Directory 'ccpp-2012-11-15-20:27:42-28864' creation detected
Nov 15 20:27:44 sansung201212 abrtd: Size of '/var/spool/abrt' >= 1000 MB, deleting 'ccpp-2012-11-15-16:49:29-24735'
Nov 15 20:27:44 sansung201212 abrt[29560]: /var/spool/abrt is 1644048663 bytes (more than 1279MiB), deleting 'ccpp-2012-11-15-16:49:29-24735'
Nov 15 20:27:44 sansung201212 abrt[29560]: Lock file '/var/spool/abrt/ccpp-2012-11-15-16:49:29-24735/.lock' is locked by process 1278
Nov 15 20:27:45 sansung201212 abrt[29560]: '/var/spool/abrt/ccpp-2012-11-15-16:49:29-24735' does not exist
Nov 15 20:27:45 sansung201212 squid[28862]: Squid Parent: child process 28864 exited due to signal 11 with status 0
Nov 15 20:27:47 sansung201212 squid[29619]: Squid Parent: child process 29621 started
Nov 15 20:27:48 sansung201212 squid[28862]: Squid Parent: child process 29670 started
Nov 15 20:27:48 sansung201212 squid[28862]: Squid Parent: child process 29670 exited with status 0
[root@sansung201212 log]# sysctl -a|grep syn_backlog
net.ipv4.tcp_max_syn_backlog = 512
[root@sansung201212 log]#

echo 90048 > /proc/sys/net/ipv4/tcp_max_syn_backlog

[root@sansung201212 log]# sysctl -a|grep syn_backlog
net.ipv4.tcp_max_syn_backlog = 1024
 

netstat -anlp | wc -l

20509

 
cat /proc/sys/net/ipv4/tcp_fin_timeout
60
 
echo 10 >  /proc/sys/net/ipv4/tcp_fin_timeout

 
 
 cat /proc/sys/net/ipv4/tcp_syncookies
1


 netstat -ntop | more
netstat -ntop | wc -l

echo 1 > /proc/sys/net/ipv4/tcp_tw_recycle
or
sysctl -w net.ipv4.tcp_tw_recycle = 1



 

cat /proc/sys/net/core/somaxconn
128
[root@sau  logs]# echo 90048 > /proc/sys/net/core/somaxconn
[root@sau  logs]#
[root@sau logs]# cat /proc/sys/net/core/somaxconn
2048

 

netstat | grep 'TIME_WAIT' |wc -l

 

cat /proc/sys/net/ipv4/tcp_fin_timeout

echo 10 > /proc/sys/net/ipv4/tcp_fin_timeout

 

 

 ulimit -n 99535

오픈 파일 갯수 늘릭

ulimit -a  // 정보 보기 

 

==================================================

/etc/sysctl.conf 

net.core.somaxconn = 99960

 

추가 후 

sysctl -p

============================================

 vim /etc/security/limits.conf 

 

squid soft nofile 99192
squid hard nofile 99192

nginx soft nofile  99192
nginx hard nofile  99192

######################################

*                 soft    nofile           99192

*                 hard    nofile           99192

======================================

.bashrc

==============================

ulimit -u 8192
ulimit -n 2048

==========================

 

 

okToAccept: WARNING! Your cache is running out of filedescriptors

 

squid 

 

vim /etc/squid/squid.conf

 

 

 

max_filedesc 54096

squid stop

squid start

 

squidclient mgr:info

 

 

File descriptor usage for squid:

        Maximum number of file descriptors:   1024

        Largest file desc currently in use:    850

        Number of file desc currently in use:  821

        Files queued for open:                   0

        Available number of file descriptors:  203

        Reserved number of file descriptors:   100

        Store Disk files open:                   0

 

 

 

File descriptor usage for squid:

        Maximum number of file descriptors:   99192

        Largest file desc currently in use:     14

        Number of file desc currently in use:    8

        Files queued for open:                   0

        Available number of file descriptors: 99184

        Reserved number of file descriptors:   100

        Store Disk files open:                   0