OK.
It is very clear that something is still unclear about the system.
it has about 2-4k open connections which is not the hardest thing to
handle but is not just a small pry.
I do not remember if the tproxy sockets are suppose to show up in ss or
in any other place.
So now let's jump to iptables.
Do you have the nf_conntrack files I have mentioned before?
use the dump of iptables to see what rules are running on the system:
"iptables-save"
should do the trick but just remeber to remove any confidential IPs but
leave whatever you can.
And about the ulimit that I have mentioned before:
I did not wanted you to enter "ulimit -a" but to insert the line into
the squid init.d script which should be "/etc/init.d/squid".(second or
third line in the file)
this way once you will just run the script:
"/etc/init.d/squid"
you will see the output and we will be able to see what is the ulimit
on\in the bash script which squid will be also limited to.
Eliezer
On 11/08/2013 02:50 AM, Dr.x wrote:
> [root_at_squid ~]# lsof -u squid -a -i TCP -n -P >/tmp/tmp_lsof.1
> [root_at_squid ~]# cat /tmp/tmp_lsof.1 |wc -l
> 2023
> [root_at_squid ~]# cat /tmp/tmp_lsof.1 |grep UDP |wc -l
> 0
> [root_at_squid ~]# cat /tmp/tmp_lsof.1 |grep ESTABLISHED |wc -l
> 1841
> [root_at_squid ~]# cat /tmp/tmp_lsof.1 |grep TIME_WAIT |wc -l
> 0
> [root_at_squid ~]# cat /tmp/tmp_lsof.1 |grep CLOSE_WAIT |wc -l
> 1
> [root_at_squid ~]# cat /tmp/tmp_lsof.1 |grep ":80" |wc -l
> 2009
> [root_at_squid ~]# cat /tmp/tmp_lsof.1 |grep LISTEN |wc -l
> 8
> [root_at_squid ~]# cat /tmp/tmp_lsof.1 |grep ":3129" |wc -l
> 4
> [root_at_squid ~]#
> [root_at_squid ~]# lsof -i TCP -n -P >/tmp/tmp_lsof.2
> cat /tmp/tmp_lsof.2 |wc -l
> cat /tmp/tmp_lsof.2 |grep UDP |wc -l
> cat /tmp/tmp_lsof.2 |grep ESTABLISHED |wc -l
> cat /tmp/tmp_lsof.2 |grep TIME_WAIT |wc -l
> cat /tmp/tmp_lsof.2 |grep CLOSE_WAIT |wc -l
> cat /tmp/tmp_lsof.2 |grep LISTEN |wc -l
> cat /tmp/tmp_lsof.2 |grep ":80" |wc -l
> cat /tmp/tmp_lsof.2 |grep ":3129" |wc -l [root_at_squid ~]# cat /tmp/tmp_lsof.2
> |wc -l
> 2170
> [root_at_squid ~]# cat /tmp/tmp_lsof.2 |grep UDP |wc -l
> 0
> [root_at_squid ~]# cat /tmp/tmp_lsof.2 |grep ESTABLISHED |wc -l
> 1982
> [root_at_squid ~]# cat /tmp/tmp_lsof.2 |grep TIME_WAIT |wc -l
> 0
> [root_at_squid ~]# cat /tmp/tmp_lsof.2 |grep CLOSE_WAIT |wc -l
> 1
> [root_at_squid ~]# cat /tmp/tmp_lsof.2 |grep LISTEN |wc -l
> 28
> [root_at_squid ~]# cat /tmp/tmp_lsof.2 |grep ":80" |wc -l
> 2133
> [root_at_squid ~]# cat /tmp/tmp_lsof.2 |grep ":3129" |wc -l
> 4
> [root_at_squid ~]# ^C
>
> ==========================
> after sometime :
>
> [root_at_squid ~]# ^C
> [root_at_squid ~]# lsof -u squid -a -i TCP -n -P >/tmp/tmp_lsof.1
> [root_at_squid ~]# cat /tmp/tmp_lsof.1 |wc -l
> 2250
> [root_at_squid ~]# cat /tmp/tmp_lsof.1 |grep UDP |wc -l
> 0
> [root_at_squid ~]# cat /tmp/tmp_lsof.1 |grep ESTABLISHED |wc -l
> 2078
> [root_at_squid ~]# cat /tmp/tmp_lsof.1 |grep TIME_WAIT |wc -l
> 0
> [root_at_squid ~]# cat /tmp/tmp_lsof.1 |grep CLOSE_WAIT |wc -l
> 4
> [root_at_squid ~]# cat /tmp/tmp_lsof.1 |grep ":80" |wc -l
> 2236
> [root_at_squid ~]# cat /tmp/tmp_lsof.1 |grep LISTEN |wc -l
> 8
> [root_at_squid ~]# cat /tmp/tmp_lsof.1 |grep ":3129" |wc -l
> 4
> [root_at_squid ~]#
> [root_at_squid ~]#
> [root_at_squid ~]#
> [root_at_squid ~]#
> [root_at_squid ~]#
> [root_at_squid ~]# lsof -i TCP -n -P >/tmp/tmp_lsof.2
> cat /tmp/tmp_lsof.2 |wc -l
> cat /tmp/tmp_lsof.2 |grep UDP |wc -l
> cat /tmp/tmp_lsof.2 |grep ESTABLISHED |wc -l
> cat /tmp/tmp_lsof.2 |grep TIME_WAIT |wc -l
> cat /tmp/tmp_lsof.2 |grep CLOSE_WAIT |wc -l
> cat /tmp/tmp_lsof.2 |grep LISTEN |wc -l
> cat /tmp/tmp_lsof.2 |grep ":80" |wc -l
> cat /tmp/tmp_lsof.2 |grep ":3129" |wc -l [root_at_squid ~]# cat /tmp/tmp_lsof.2
> |wc -l
> 2184
> [root_at_squid ~]# cat /tmp/tmp_lsof.2 |grep UDP |wc -l
> 0
> [root_at_squid ~]# cat /tmp/tmp_lsof.2 |grep ESTABLISHED |wc -l
> 1999
> [root_at_squid ~]# cat /tmp/tmp_lsof.2 |grep TIME_WAIT |wc -l
> 0
> [root_at_squid ~]# cat /tmp/tmp_lsof.2 |grep CLOSE_WAIT |wc -l
> 4
> [root_at_squid ~]# cat /tmp/tmp_lsof.2 |grep LISTEN |wc -l
> 28
> [root_at_squid ~]# cat /tmp/tmp_lsof.2 |grep ":80" |wc -l
> 2149
> [root_at_squid ~]# cat /tmp/tmp_lsof.2 |grep ":3129" |wc -l
> 4
> [root_at_squid ~]#
>
>
>
> -----
> Dr.x
Received on Fri Nov 08 2013 - 01:08:17 MST
This archive was generated by hypermail 2.2.0 : Fri Nov 08 2013 - 12:00:20 MST