Re: [CentOS] repeated local ephemeral to 80

2011-04-02 Thread Kai Schaetzl
well, first question: why don't you allow local access to port 80? There is no reason for that. This is httpd itself. Switch on the status page and then look for yourself. It's a well-known phenomenon since Apache 2.0 or 2.2. Kai ___ CentOS mailing

[CentOS] repeated local ephemeral to 80

2011-04-01 Thread Michael D. Berger
On my CentOS box that I use mainly as a web server, I have iptables set to log and reject anything that I don't expect. So lately, I have getting things like this: Mar 29 17:27:20 mbrc20 kernel: IPT-DROP IN= OUT=lo SRC=192.168.9.20 DST=192.168.9.20 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=46910 DF

Re: [CentOS] repeated local ephemeral to 80

2011-04-01 Thread m . roth
Michael D. Berger wrote: On my CentOS box that I use mainly as a web server, I have iptables set to log and reject anything that I don't expect. So lately, I have getting things like this: Mar 29 17:27:20 mbrc20 kernel: IPT-DROP IN= OUT=lo SRC=192.168.9.20 DST=192.168.9.20 LEN=60 TOS=0x00

Re: [CentOS] repeated local ephemeral to 80

2011-04-01 Thread Michael D. Berger
On Fri, 01 Apr 2011 11:32:16 -0400, m.roth-x6lchVBUigD1P9xLtpHBDw wrote: Michael D. Berger wrote: [...] snip Not great on this, but *if* I understand it, it's saying that the IP address of your server is 192.168.9.20, and it's talking to itself, at destination port 80 - apache, that would

Re: [CentOS] repeated local ephemeral to 80

2011-04-01 Thread Nicolas Thierry-Mieg
Michael D. Berger wrote: On Fri, 01 Apr 2011 11:32:16 -0400, m.roth-x6lchVBUigD1P9xLtpHBDw wrote: Michael D. Berger wrote: [...] snip Not great on this, but *if* I understand it, it's saying that the IP address of your server is 192.168.9.20, and it's talking to itself, at destination port

Re: [CentOS] repeated local ephemeral to 80

2011-04-01 Thread Michael D. Berger
On Fri, 01 Apr 2011 17:55:37 +0200, Nicolas Thierry-Mieg wrote: [...] you might be able to see the process with netstat when it's happening. I tried that; so far without success. Mike. ___ CentOS mailing list CentOS@centos.org

Re: [CentOS] repeated local ephemeral to 80

2011-04-01 Thread m . roth
Michael D. Berger wrote: On Fri, 01 Apr 2011 17:55:37 +0200, Nicolas Thierry-Mieg wrote: [...] you might be able to see the process with netstat when it's happening. I tried that; so far without success. Mike. Hmmm, maybe lsof. mark ___

Re: [CentOS] repeated local ephemeral to 80

2011-04-01 Thread Markus Falb
On 1.4.2011 17:20, Michael D. Berger wrote: On my CentOS box that I use mainly as a web server, I have iptables set to log and reject anything that I don't expect. So lately, I have getting things like this: Mar 29 17:27:20 mbrc20 kernel: IPT-DROP IN= OUT=lo SRC=192.168.9.20

Re: [CentOS] repeated local ephemeral to 80

2011-04-01 Thread Michael D. Berger
On Fri, 01 Apr 2011 22:10:58 +0200, Markus Falb wrote: [...] Mar 29 17:27:20 mbrc20 kernel: IPT-DROP IN= OUT=lo SRC=192.168.9.20 DST=192.168.9.20 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=46910 DF PROTO=TCP SPT=56624 DPT=80 WINDOW=32792 RES=0x00 SYN URGP=0 OPT