1
Sítě / Re:Iptables blokace komunikace mezi eth0 a eth4
« kdy: 18. 09. 2019, 07:46:13 »Tak echo reply musí někudy odcházet?Už asi rozumím, ono to přichází i odchází eth0 a ne že to přijde eth0 a odejde eth4Nerozumíte.
Nikam to neodchází.
Tato sekce Vám umožňuje zobrazit všechny příspěvky tohoto uživatele. Prosím uvědomte si, že můžete vidět příspěvky pouze z oblastí Vám přístupných.
Tak echo reply musí někudy odcházet?Už asi rozumím, ono to přichází i odchází eth0 a ne že to přijde eth0 a odejde eth4Nerozumíte.
Nikam to neodchází.
Tohle funguje, nerozumím proč to nefunguje s těma rozhraními eth0 a eth4 ?Kód: [Vybrat]iptables -t filter -A INPUT -s 192.168.1.0/24 -d 192.168.12.1 -j DROP
Protoze to co tece na interface na gatewayi neni FORWARD ale INPUT presto ze je to jiny interface nez na kterem to pritejka.Zkusil jsem:
iptables -t filter -A INPUT -i eth4 -j DROP
Výsledek je stejný.
Protoze neni zadny pravidlo ktery by to blokovalo?Omlouvám se, upravil jsem, ale výsledek je stejný
Oba uvedeny radky maji stejny vyznam (vstupni iface je eth0, vystupni je eth4).
iptables -I FORWARD -i eth0 -o eth4 -j DROP
iptables -I FORWARD -i eth4 -o eth0 -j DROP
iptables -I FORWARD -i eth0 -o eth4 -j DROP
iptables -I FORWARD -o eth4 -i eth0 -j DROP
Chrome hlásí chybu 414. Zvláštní je, že to vrací stránku chrome a ne nginx viz. příloha
Google Chrome pokud vím zobrazuje vlastní HTTP Error page, pokud stránka ze serveru má 512 B nebo méně.
https://cssdxsx.cz/?oauth2callback=1&code=4/nQEWiMicXkEt7qT8JredfHzI3-AYlD-dhXjVFeihaIhuA_b14gzjDz3Vwa8wNaE3Q3KaoLSe_50yRqACTgTJXqc&scope=email%20profile%20openid%20https://www.googleapis.com/auth/userinfo.profile%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/webmasters%20https://www.googleapis.com/auth/siteverification&authuser=0&session_state=78a57a818728bd6cea3b0b55b9ff6cf58ef4373a..4756&prompt=consent
Konfigurace nginx.confclient_header_buffer_size 2048k;
large_client_header_buffers 4 2048k;
client_max_body_size 12m;
client_body_buffer_size 128k;
output_buffers 1 32k;
postpone_output 1460;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
"GET /?oauth2callback=1&code=4/nQEWiMicXkEt7qT8JredfHzI3-AYlD-dhXjVFeihaIhuA_b14gzjDz3Vwa8wNaE3Q3KaoLSe_50yRqACTgTJXqc&scope=email%20profile%20openid%20https://www.googleapis.com/auth/userinfo.profile%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/webmasters%20https://www.googleapis.com/auth/siteverification&authuser=0&session_state=78a57a818728bd6cea3b0b55b9ff6cf58ef4373a..4756&prompt=consent HTTP/2.0" 414 129 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36"
iotop si pustil?A co přesně mám hledat? IO>0
smartctl -a /dev/sda
smartctl 6.4 2014-10-07 r4002 [x86_64-linux-3.16.0-4-amd64] (local build)
Copyright (C) 2002-14, Bruce Allen, Christian Franke, www.smartmontools.org
=== START OF INFORMATION SECTION ===
Model Family: Intel 530 Series SSDs
Device Model: INTEL SSDSC2BW240A4
Serial Number: BTDA327101HH2403GN
LU WWN Device Id: 5 001517 8f3660734
Firmware Version: DC02
User Capacity: 240,057,409,536 bytes [240 GB]
Sector Size: 512 bytes logical/physical
Rotation Rate: Solid State Device
Device is: In smartctl database [for details use: -P show]
ATA Version is: ACS-2 (minor revision not indicated)
SATA Version is: SATA 3.0, 6.0 Gb/s (current: 6.0 Gb/s)
Local Time is: Sun Sep 8 15:15:46 2019 CEST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled
=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: FAILED!
Drive failure expected in less than 24 hours. SAVE ALL DATA.
See vendor-specific Attribute list for failed Attributes.
General SMART Values:
Offline data collection status: (0x02) Offline data collection activity
was completed without error.
Auto Offline Data Collection: Disabled.
Self-test execution status: ( 0) The previous self-test routine completed
without error or no self-test has ever
been run.
Total time to complete Offline
data collection: ( 5860) seconds.
Offline data collection
capabilities: (0x7f) SMART execute Offline immediate.
Auto Offline data collection on/off support.
Abort Offline collection upon new
command.
Offline surface scan supported.
Self-test supported.
Conveyance Self-test supported.
Selective Self-test supported.
SMART capabilities: (0x0003) Saves SMART data before entering
power-saving mode.
Supports SMART auto save timer.
Error logging capability: (0x01) Error logging supported.
General Purpose Logging supported.
Short self-test routine
recommended polling time: ( 1) minutes.
Extended self-test routine
recommended polling time: ( 48) minutes.
Conveyance self-test routine
recommended polling time: ( 2) minutes.
SCT capabilities: (0x0025) SCT Status supported.
SCT Data Table supported.
SMART Attributes Data Structure revision number: 10
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME FLAG VALUE WORST THRESH TYPE UPDATED WHEN_FAILED RAW_VALUE
5 Reallocated_Sector_Ct 0x0032 100 100 000 Old_age Always - 8
9 Power_On_Hours_and_Msec 0x0032 100 100 000 Old_age Always - 37262h+07m+30.480s
12 Power_Cycle_Count 0x0032 100 100 000 Old_age Always - 6
170 Available_Reservd_Space 0x0033 001 001 010 Pre-fail Always FAILING_NOW 0
171 Program_Fail_Count 0x0032 100 100 000 Old_age Always - 4
172 Erase_Fail_Count 0x0032 100 100 000 Old_age Always - 0
174 Unexpect_Power_Loss_Ct 0x0032 100 100 000 Old_age Always - 51
183 SATA_Downshift_Count 0x0032 100 100 000 Old_age Always - 0
184 End-to-End_Error 0x0033 100 100 090 Pre-fail Always - 0
187 Uncorrectable_Error_Cnt 0x0032 000 000 000 Old_age Always - 104
190 Airflow_Temperature_Cel 0x0032 034 049 000 Old_age Always - 34 (Min/Max 20/49)
192 Power-Off_Retract_Count 0x0032 100 100 000 Old_age Always - 51
199 UDMA_CRC_Error_Count 0x0032 100 100 000 Old_age Always - 0
225 Host_Writes_32MiB 0x0032 100 100 000 Old_age Always - 1608451
226 Workld_Media_Wear_Indic 0x0032 100 100 000 Old_age Always - 65535
227 Workld_Host_Reads_Perc 0x0032 100 100 000 Old_age Always - 34
228 Workload_Minutes 0x0032 100 100 000 Old_age Always - 65535
232 Available_Reservd_Space 0x0033 001 001 010 Pre-fail Always FAILING_NOW 0
233 Media_Wearout_Indicator 0x0032 066 066 000 Old_age Always - 0
241 Host_Writes_32MiB 0x0032 100 100 000 Old_age Always - 1608451
242 Host_Reads_32MiB 0x0032 100 100 000 Old_age Always - 844553
249 NAND_Writes_1GiB 0x0032 100 100 000 Old_age Always - 397202
SMART Error Log not supported
SMART Self-test log structure revision number 1
Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error
# 1 Short offline Completed without error 00% 37248 -
# 2 Offline Interrupted (host reset) 10% 20433 -
# 3 Extended offline Completed without error 00% 20424 -
# 4 Extended offline Completed without error 00% 20411 -
# 5 Offline Interrupted (host reset) 10% 20410 -
# 6 Extended offline Completed without error 00% 20410 -
# 7 Extended offline Completed without error 00% 20398 -
# 8 Offline Interrupted (host reset) 10% 20397 -
# 9 Offline Interrupted (host reset) 10% 4 -
#10 Offline Interrupted (host reset) 10% 0 -
#11 Offline Interrupted (host reset) 10% 0 -
#12 Offline Interrupted (host reset) 10% 0 -
SMART Selective self-test log data structure revision number 0
Note: revision number not 1 implies that no selective self-test has ever been run
SPAN MIN_LBA MAX_LBA CURRENT_TEST_STATUS
1 0 0 Not_testing
2 0 0 Not_testing
3 0 0 Not_testing
4 0 0 Not_testing
5 0 0 Not_testing
Selective self-test flags (0x0):
After scanning selected spans, do NOT read-scan remainder of disk.
If Selective self-test is pending on power-up, resume after 0 minute delay.
cat /proc/mdstat
Personalities : [raid1]
md2 : active raid1 sda3[0] sdb3[1]
216994368 blocks super 1.2 [2/2] [UU]
bitmap: 2/2 pages [8KB], 65536KB chunk
md1 : active raid1 sda2[0] sdb2[1]
523712 blocks super 1.2 [2/2] [UU]
md0 : active raid1 sda1[0] sdb1[1]
16760832 blocks super 1.2 [2/2] [UU]
unused devices: <none>
smartctl -a /dev/sdb
smartctl 6.4 2014-10-07 r4002 [x86_64-linux-3.16.0-4-amd64] (local build)
Copyright (C) 2002-14, Bruce Allen, Christian Franke, www.smartmontools.org
=== START OF INFORMATION SECTION ===
Model Family: Intel 530 Series SSDs
Device Model: INTEL SSDSC2BW240A4
Serial Number: BTDA327105PZ2403GN
LU WWN Device Id: 5 001517 8f3661985
Firmware Version: DC02
User Capacity: 240,057,409,536 bytes [240 GB]
Sector Size: 512 bytes logical/physical
Rotation Rate: Solid State Device
Device is: In smartctl database [for details use: -P show]
ATA Version is: ACS-2 (minor revision not indicated)
SATA Version is: SATA 3.0, 6.0 Gb/s (current: 6.0 Gb/s)
Local Time is: Sun Sep 8 14:03:44 2019 CEST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled
=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: FAILED!
Drive failure expected in less than 24 hours. SAVE ALL DATA.
See vendor-specific Attribute list for failed Attributes.
General SMART Values:
Offline data collection status: (0x02) Offline data collection activity
was completed without error.
Auto Offline Data Collection: Disabled.
Self-test execution status: ( 0) The previous self-test routine completed
without error or no self-test has ever
been run.
Total time to complete Offline
data collection: ( 5860) seconds.
Offline data collection
capabilities: (0x7f) SMART execute Offline immediate.
Auto Offline data collection on/off support.
Abort Offline collection upon new
command.
Offline surface scan supported.
Self-test supported.
Conveyance Self-test supported.
Selective Self-test supported.
SMART capabilities: (0x0003) Saves SMART data before entering
power-saving mode.
Supports SMART auto save timer.
Error logging capability: (0x01) Error logging supported.
General Purpose Logging supported.
Short self-test routine
recommended polling time: ( 1) minutes.
Extended self-test routine
recommended polling time: ( 48) minutes.
Conveyance self-test routine
recommended polling time: ( 2) minutes.
SCT capabilities: (0x0025) SCT Status supported.
SCT Data Table supported.
SMART Attributes Data Structure revision number: 10
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME FLAG VALUE WORST THRESH TYPE UPDATED WHEN_FAILED RAW_VALUE
5 Reallocated_Sector_Ct 0x0032 100 100 000 Old_age Always - 2
9 Power_On_Hours_and_Msec 0x0032 100 100 000 Old_age Always - 37441h+14m+38.250s
12 Power_Cycle_Count 0x0032 100 100 000 Old_age Always - 6
170 Available_Reservd_Space 0x0033 001 001 010 Pre-fail Always FAILING_NOW 0
171 Program_Fail_Count 0x0032 100 100 000 Old_age Always - 1
172 Erase_Fail_Count 0x0032 100 100 000 Old_age Always - 0
174 Unexpect_Power_Loss_Ct 0x0032 100 100 000 Old_age Always - 83
183 SATA_Downshift_Count 0x0032 100 100 000 Old_age Always - 0
184 End-to-End_Error 0x0033 100 100 090 Pre-fail Always - 0
187 Uncorrectable_Error_Cnt 0x0032 060 060 000 Old_age Always - 40
190 Airflow_Temperature_Cel 0x0032 039 049 000 Old_age Always - 39 (Min/Max 20/49)
192 Power-Off_Retract_Count 0x0032 100 100 000 Old_age Always - 83
199 UDMA_CRC_Error_Count 0x0032 100 100 000 Old_age Always - 0
225 Host_Writes_32MiB 0x0032 100 100 000 Old_age Always - 1629373
226 Workld_Media_Wear_Indic 0x0032 100 100 000 Old_age Always - 65535
227 Workld_Host_Reads_Perc 0x0032 100 100 000 Old_age Always - 24
228 Workload_Minutes 0x0032 100 100 000 Old_age Always - 65535
232 Available_Reservd_Space 0x0033 001 001 010 Pre-fail Always FAILING_NOW 0
233 Media_Wearout_Indicator 0x0032 048 048 000 Old_age Always - 0
241 Host_Writes_32MiB 0x0032 100 100 000 Old_age Always - 1629373
242 Host_Reads_32MiB 0x0032 100 100 000 Old_age Always - 518191
249 NAND_Writes_1GiB 0x0032 100 100 000 Old_age Always - 468253
SMART Error Log not supported
SMART Self-test log structure revision number 1
Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error
# 1 Short offline Completed without error 00% 37441 -
# 2 Short offline Completed without error 00% 37424 -
# 3 Offline Interrupted (host reset) 10% 20433 -
# 4 Extended offline Completed without error 00% 20424 -
# 5 Extended offline Completed without error 00% 20411 -
# 6 Offline Interrupted (host reset) 10% 20410 -
# 7 Extended offline Completed without error 00% 20410 -
# 8 Extended offline Completed without error 00% 20398 -
# 9 Offline Interrupted (host reset) 10% 20397 -
#10 Offline Interrupted (host reset) 10% 4 -
#11 Offline Interrupted (host reset) 10% 0 -
#12 Offline Interrupted (host reset) 10% 0 -
#13 Offline Interrupted (host reset) 10% 0 -
SMART Selective self-test log data structure revision number 0
Note: revision number not 1 implies that no selective self-test has ever been run
SPAN MIN_LBA MAX_LBA CURRENT_TEST_STATUS
1 0 0 Not_testing
2 0 0 Not_testing
3 0 0 Not_testing
4 0 0 Not_testing
5 0 0 Not_testing
Selective self-test flags (0x0):
After scanning selected spans, do NOT read-scan remainder of disk.
If Selective self-test is pending on power-up, resume after 0 minute delay.
Je disk vadný? [global]
pid = /var/run/php/php7.2-fpm.pid
error_log = /var/log/php7.2-fpm.log
[global-pool]
user = www-data
group = www-data
listen = /var/run/php/php7.2-fpm.sock
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
pm = dynamic
pm.start_servers = 15
pm.max_children = 25
pm.min_spare_servers = 5
pm.max_spare_servers = 25
pm.max_requests = 1000
Potřebuji rozdělit na 10 vhostů.