Re: [fossil-users] [Bug?] [server] Processes of Fossil popping up unexpectedly

Fri, 22 Dec 2017 09:22:05 -0800 

Le 22/12/2017 à 16:10, Warren Young a écrit :


1. Your repo is public-facing.  Is this a reasonable number of
clients to be connected at any given time to this repo?  It seems
high to me, given the transient nature of most Fossil connections.


Only two devs have the right to modify the online repository.

I’d be surprised if there were more than 5 people connected to this repo 
at the same time.




lsof -i


Here again I expected you to look at the docs and infer that I meant
for you to filter out only the interesting ports, 8080 in your case.
-i:8080.


Hmm. Sorry.
As I said before, this server only runs Fossil and has no other purpose.

lsof -i:8080

COMMAND   PID   USER   FD   TYPE   DEVICE SIZE/OFF NODE NAME

fossil2 10468 myuser    0u  IPv4 42925675      0t0  TCP 
scw-f45a9f:http-alt->hn.kd.ny.adsl:59187 (ESTABLISHED)
fossil2 10468 myuser    1u  IPv4 42925675      0t0  TCP 
scw-f45a9f:http-alt->hn.kd.ny.adsl:59187 (ESTABLISHED)
fossil2 10468 myuser    2u  IPv4 42925675      0t0  TCP 
scw-f45a9f:http-alt->hn.kd.ny.adsl:59187 (ESTABLISHED)

fossil2 10468 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 10469 myuser    0u  IPv4 42925676      0t0  TCP 
scw-f45a9f:http-alt->112.80.138.198:54839 (ESTABLISHED)
fossil2 10469 myuser    1u  IPv4 42925676      0t0  TCP 
scw-f45a9f:http-alt->112.80.138.198:54839 (ESTABLISHED)
fossil2 10469 myuser    2u  IPv4 42925676      0t0  TCP 
scw-f45a9f:http-alt->112.80.138.198:54839 (ESTABLISHED)

fossil2 10469 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 10470 myuser    0u  IPv4 42925678      0t0  TCP 
scw-f45a9f:http-alt->182.138.158.40:36008 (ESTABLISHED)
fossil2 10470 myuser    1u  IPv4 42925678      0t0  TCP 
scw-f45a9f:http-alt->182.138.158.40:36008 (ESTABLISHED)
fossil2 10470 myuser    2u  IPv4 42925678      0t0  TCP 
scw-f45a9f:http-alt->182.138.158.40:36008 (ESTABLISHED)

fossil2 10470 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 10471 myuser    0u  IPv4 42925679      0t0  TCP 
scw-f45a9f:http-alt->112.64.209.135:44966 (ESTABLISHED)
fossil2 10471 myuser    1u  IPv4 42925679      0t0  TCP 
scw-f45a9f:http-alt->112.64.209.135:44966 (ESTABLISHED)
fossil2 10471 myuser    2u  IPv4 42925679      0t0  TCP 
scw-f45a9f:http-alt->112.64.209.135:44966 (ESTABLISHED)

fossil2 10471 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 10474 myuser    0u  IPv4 42925688      0t0  TCP 
scw-f45a9f:http-alt->175.42.2.225:51516 (ESTABLISHED)
fossil2 10474 myuser    1u  IPv4 42925688      0t0  TCP 
scw-f45a9f:http-alt->175.42.2.225:51516 (ESTABLISHED)
fossil2 10474 myuser    2u  IPv4 42925688      0t0  TCP 
scw-f45a9f:http-alt->175.42.2.225:51516 (ESTABLISHED)

fossil2 10474 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 10475 myuser    0u  IPv4 42925700      0t0  TCP 
scw-f45a9f:http-alt->124.235.138.25:64841 (ESTABLISHED)
fossil2 10475 myuser    1u  IPv4 42925700      0t0  TCP 
scw-f45a9f:http-alt->124.235.138.25:64841 (ESTABLISHED)
fossil2 10475 myuser    2u  IPv4 42925700      0t0  TCP 
scw-f45a9f:http-alt->124.235.138.25:64841 (ESTABLISHED)

fossil2 10475 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 10477 myuser    0u  IPv4 42925703      0t0  TCP 
scw-f45a9f:http-alt->221.13.12.222:34854 (ESTABLISHED)
fossil2 10477 myuser    1u  IPv4 42925703      0t0  TCP 
scw-f45a9f:http-alt->221.13.12.222:34854 (ESTABLISHED)
fossil2 10477 myuser    2u  IPv4 42925703      0t0  TCP 
scw-f45a9f:http-alt->221.13.12.222:34854 (ESTABLISHED)

fossil2 10477 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 12333 myuser    0u  IPv4 42952323      0t0  TCP 
scw-f45a9f:http-alt->221.13.12.209:50846 (ESTABLISHED)
fossil2 12333 myuser    1u  IPv4 42952323      0t0  TCP 
scw-f45a9f:http-alt->221.13.12.209:50846 (ESTABLISHED)
fossil2 12333 myuser    2u  IPv4 42952323      0t0  TCP 
scw-f45a9f:http-alt->221.13.12.209:50846 (ESTABLISHED)

fossil2 12333 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 12334 myuser    0u  IPv4 42952324      0t0  TCP 
scw-f45a9f:http-alt->182.138.162.53:64088 (ESTABLISHED)
fossil2 12334 myuser    1u  IPv4 42952324      0t0  TCP 
scw-f45a9f:http-alt->182.138.162.53:64088 (ESTABLISHED)
fossil2 12334 myuser    2u  IPv4 42952324      0t0  TCP 
scw-f45a9f:http-alt->182.138.162.53:64088 (ESTABLISHED)

fossil2 12334 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 12335 myuser    0u  IPv4 42952325      0t0  TCP 
scw-f45a9f:http-alt->106.114.63.0:17736 (ESTABLISHED)
fossil2 12335 myuser    1u  IPv4 42952325      0t0  TCP 
scw-f45a9f:http-alt->106.114.63.0:17736 (ESTABLISHED)
fossil2 12335 myuser    2u  IPv4 42952325      0t0  TCP 
scw-f45a9f:http-alt->106.114.63.0:17736 (ESTABLISHED)

fossil2 12335 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 12336 myuser    0u  IPv4 42952329      0t0  TCP 
scw-f45a9f:http-alt->139.227.182.157:55348 (ESTABLISHED)
fossil2 12336 myuser    1u  IPv4 42952329      0t0  TCP 
scw-f45a9f:http-alt->139.227.182.157:55348 (ESTABLISHED)
fossil2 12336 myuser    2u  IPv4 42952329      0t0  TCP 
scw-f45a9f:http-alt->139.227.182.157:55348 (ESTABLISHED)

fossil2 12336 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 12337 myuser    0u  IPv4 42952331      0t0  TCP 
scw-f45a9f:http-alt->114.221.126.160:64177 (ESTABLISHED)
fossil2 12337 myuser    1u  IPv4 42952331      0t0  TCP 
scw-f45a9f:http-alt->114.221.126.160:64177 (ESTABLISHED)
fossil2 12337 myuser    2u  IPv4 42952331      0t0  TCP 
scw-f45a9f:http-alt->114.221.126.160:64177 (ESTABLISHED)

fossil2 12337 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 12340 myuser    0u  IPv4 42952341      0t0  TCP 
scw-f45a9f:http-alt->125.119.221.109:33681 (ESTABLISHED)
fossil2 12340 myuser    1u  IPv4 42952341      0t0  TCP 
scw-f45a9f:http-alt->125.119.221.109:33681 (ESTABLISHED)
fossil2 12340 myuser    2u  IPv4 42952341      0t0  TCP 
scw-f45a9f:http-alt->125.119.221.109:33681 (ESTABLISHED)

fossil2 12340 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 12341 myuser    0u  IPv4 42952345      0t0  TCP 
scw-f45a9f:http-alt->221.13.12.26:38741 (ESTABLISHED)
fossil2 12341 myuser    1u  IPv4 42952345      0t0  TCP 
scw-f45a9f:http-alt->221.13.12.26:38741 (ESTABLISHED)
fossil2 12341 myuser    2u  IPv4 42952345      0t0  TCP 
scw-f45a9f:http-alt->221.13.12.26:38741 (ESTABLISHED)

fossil2 12341 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 15143 myuser    0u  IPv4 41819112      0t0  TCP 
scw-f45a9f:http-alt->109.129.203.110:63628 (ESTABLISHED)
fossil2 15143 myuser    1u  IPv4 41819112      0t0  TCP 
scw-f45a9f:http-alt->109.129.203.110:63628 (ESTABLISHED)
fossil2 15143 myuser    2u  IPv4 41819112      0t0  TCP 
scw-f45a9f:http-alt->109.129.203.110:63628 (ESTABLISHED)

fossil2 15143 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 15144 myuser    0u  IPv4 41819113      0t0  TCP 
scw-f45a9f:http-alt->109.129.203.110:63629 (ESTABLISHED)
fossil2 15144 myuser    1u  IPv4 41819113      0t0  TCP 
scw-f45a9f:http-alt->109.129.203.110:63629 (ESTABLISHED)
fossil2 15144 myuser    2u  IPv4 41819113      0t0  TCP 
scw-f45a9f:http-alt->109.129.203.110:63629 (ESTABLISHED)

fossil2 15144 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)
fossil2 17876 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 20253 myuser    0u  IPv4 39998491      0t0  TCP 
scw-f45a9f:http-alt->41.243.10.196:17284 (ESTABLISHED)
fossil2 20253 myuser    1u  IPv4 39998491      0t0  TCP 
scw-f45a9f:http-alt->41.243.10.196:17284 (ESTABLISHED)
fossil2 20253 myuser    2u  IPv4 39998491      0t0  TCP 
scw-f45a9f:http-alt->41.243.10.196:17284 (ESTABLISHED)

fossil2 20253 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 25581 myuser    0u  IPv4 41473287      0t0  TCP 
scw-f45a9f:http-alt->client-adsl-93-121-232-186.mediaserv.net:58675 
(ESTABLISHED)
fossil2 25581 myuser    1u  IPv4 41473287      0t0  TCP 
scw-f45a9f:http-alt->client-adsl-93-121-232-186.mediaserv.net:58675 
(ESTABLISHED)
fossil2 25581 myuser    2u  IPv4 41473287      0t0  TCP 
scw-f45a9f:http-alt->client-adsl-93-121-232-186.mediaserv.net:58675 
(ESTABLISHED)

fossil2 25581 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 25582 myuser    0u  IPv4 41473288      0t0  TCP 
scw-f45a9f:http-alt->client-adsl-93-121-232-186.mediaserv.net:57361 
(ESTABLISHED)
fossil2 25582 myuser    1u  IPv4 41473288      0t0  TCP 
scw-f45a9f:http-alt->client-adsl-93-121-232-186.mediaserv.net:57361 
(ESTABLISHED)
fossil2 25582 myuser    2u  IPv4 41473288      0t0  TCP 
scw-f45a9f:http-alt->client-adsl-93-121-232-186.mediaserv.net:57361 
(ESTABLISHED)

fossil2 25582 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 28558 myuser    0u  IPv4 42059949      0t0  TCP 
scw-f45a9f:http-alt->AMontpellier-658-1-186-163.w92-145.abo.wanadoo.fr:38444 
(ESTABLISHED)
fossil2 28558 myuser    1u  IPv4 42059949      0t0  TCP 
scw-f45a9f:http-alt->AMontpellier-658-1-186-163.w92-145.abo.wanadoo.fr:38444 
(ESTABLISHED)
fossil2 28558 myuser    2u  IPv4 42059949      0t0  TCP 
scw-f45a9f:http-alt->AMontpellier-658-1-186-163.w92-145.abo.wanadoo.fr:38444 
(ESTABLISHED)

fossil2 28558 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 28559 myuser    0u  IPv4 42059950      0t0  TCP 
scw-f45a9f:http-alt->AMontpellier-658-1-186-163.w92-145.abo.wanadoo.fr:38445 
(ESTABLISHED)
fossil2 28559 myuser    1u  IPv4 42059950      0t0  TCP 
scw-f45a9f:http-alt->AMontpellier-658-1-186-163.w92-145.abo.wanadoo.fr:38445 
(ESTABLISHED)
fossil2 28559 myuser    2u  IPv4 42059950      0t0  TCP 
scw-f45a9f:http-alt->AMontpellier-658-1-186-163.w92-145.abo.wanadoo.fr:38445 
(ESTABLISHED)

fossil2 28559 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 30076 myuser    0u  IPv4 38169958      0t0  TCP 
scw-f45a9f:http-alt->37.170.252.107:19513 (ESTABLISHED)
fossil2 30076 myuser    1u  IPv4 38169958      0t0  TCP 
scw-f45a9f:http-alt->37.170.252.107:19513 (ESTABLISHED)
fossil2 30076 myuser    2u  IPv4 38169958      0t0  TCP 
scw-f45a9f:http-alt->37.170.252.107:19513 (ESTABLISHED)

fossil2 30076 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 30077 myuser    0u  IPv4 38169959      0t0  TCP 
scw-f45a9f:http-alt->37.170.252.107:19514 (ESTABLISHED)
fossil2 30077 myuser    1u  IPv4 38169959      0t0  TCP 
scw-f45a9f:http-alt->37.170.252.107:19514 (ESTABLISHED)
fossil2 30077 myuser    2u  IPv4 38169959      0t0  TCP 
scw-f45a9f:http-alt->37.170.252.107:19514 (ESTABLISHED)

fossil2 30077 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)

fossil2 31100 myuser    0u  IPv4 37527154      0t0  TCP 
scw-f45a9f:http-alt->research.findmalware.org:41726 (ESTABLISHED)
fossil2 31100 myuser    1u  IPv4 37527154      0t0  TCP 
scw-f45a9f:http-alt->research.findmalware.org:41726 (ESTABLISHED)
fossil2 31100 myuser    2u  IPv4 37527154      0t0  TCP 
scw-f45a9f:http-alt->research.findmalware.org:41726 (ESTABLISHED)

fossil2 31100 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt (LISTEN)




But since we have all the TCP/IP connections, let’s see if we can
learn something interesting from it.


fossil2 10468 myuser    3u  IPv4 35083942      0t0  TCP *:http-alt
(LISTEN) fossil2 10469 myuser    3u  IPv4 35083942      0t0  TCP
*:http-alt (LISTEN) fossil2 10470 myuser    3u  IPv4 35083942
0t0  TCP *:http-alt (LISTEN)


etc.  This is odd.  It looks like Fossil is forking off children
which listen and then never get anything.  Yet, we see the same PID
having many connections each already established.

What’s the TCP connection rate to this machine?



I don’t have statistics on this server. This is the dev part of my 
website. The main website (another server) has ~200 visitors per day.
I assume that people who go to dev section are not the majority. Maybe 
20 visitors per day if I’m optimistic…




There must be nice tools for that which a network security admin
would know about, but my off-the-cuff programmer brain brings up only
this:

$ sudo tshark -b duration:1 port 8080 and tcp.flags.syn==1 | wc -l

Ignore the complaint about “multiple capture files”.  We’re just
wanting to know how many SYNs per second appear.  Consider increasing
it to 10 seconds or so to get a better baseline if the connection
rate is in the single digits.



Sorry, that’s bogus.  Try this instead:

   $ sudo tshark -i scw-f45a9f -w x.pcap -b duration:5 -a files:1 \
     port 8080 and "tcp[tcpflags] & tcp-syn != 0”

Sorry. I tried but failed.

tshark: Lua: Error during loading:

 [string "/usr/share/wireshark/init.lua"]:46: dofile has been disabled 
due to running Wireshark as superuser. See 
http://wiki.wireshark.org/CaptureSetup/CapturePrivileges for help in 
running Wireshark as an unprivileged user.


I’ve added the user to the “wireshark” group, but it doesn’t work.

Same error message if i run this as root.

I’ll try again later.


Regards,
Olivier
_______________________________________________
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users























					Reply via email to