Hi I set this in /etc/sysctl.conf, but when I "sysctl -p" , linux-nnad:~ # sysctl -p sysctl: cannot stat /proc/sys/net/netfilter/nf_conntrack_tcp_timeout_close: No such file or directory sysctl: cannot stat /proc/sys/net/netfilter/nf_conntrack_tcp_timeout_close_wait: No such file or directory sysctl: cannot stat /proc/sys/net/netfilter/nf_conntrack_tcp_timeout_fin_wait: No such file or directory sysctl: cannot stat /proc/sys/net/netfilter/nf_conntrack_tcp_timeout_last_ack: No such file or directory sysctl: cannot stat /proc/sys/net/netfilter/nf_conntrack_tcp_timeout_syn_recv: No such file or directory sysctl: cannot stat /proc/sys/net/netfilter/nf_conntrack_tcp_timeout_syn_sent: No such file or directory sysctl: cannot stat /proc/sys/net/netfilter/nf_conntrack_tcp_timeout_time_wait: No such file or directory sysctl: cannot stat /proc/sys/net/netfilter/nf_conntrack_tcp_timeout_established: No such file or directory
net.netfilter.nf_conntrack_tcp_timeout_close = 5 net.netfilter.nf_conntrack_tcp_timeout_close_wait = 20 net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 60 net.netfilter.nf_conntrack_tcp_timeout_last_ack = 60 net.netfilter.nf_conntrack_tcp_timeout_syn_recv = 60 net.netfilter.nf_conntrack_tcp_timeout_syn_sent = 60 net.netfilter.nf_conntrack_tcp_timeout_time_wait = 60 net.netfilter.nf_conntrack_tcp_timeout_established = 600 Am 22.03.2016 um 08:16 schrieb Liyaping (Security Tools): > Hi > > I install openvas v8 on Opensuse13.2, I have notice that gsad had > limit per ip 15 connections, > > after I use IE login into the gsad , I find that there has a lot of > "CLOSE_WAIT" state connections, sometimes the numbers will reach 15, I > will can?t connect to gsad , can you help me to solve this? > > linux-nnad:~ # netstat -anp | grep 9392 > > tcp 0 0 10.175.47.17:9392 0.0.0.0:* > LISTEN 10859/gsad > > tcp 0 0 10.175.47.17:9392 10.177.28.171:64004 > CLOSE_WAIT 10859/gsad > > tcp 0 0 10.175.47.17:9392 10.177.28.171:63217 > CLOSE_WAIT 10859/gsad > > tcp 0 0 10.175.47.17:9392 10.177.28.171:63218 > CLOSE_WAIT 10859/gsad > > tcp 0 0 10.175.47.17:9392 10.177.28.171:63928 > CLOSE_WAIT 10859/gsad > > tcp 0 0 10.175.47.17:9392 10.177.28.171:63214 > CLOSE_WAIT 10859/gsad > > tcp 0 0 10.175.47.17:9392 10.177.28.171:63215 > CLOSE_WAIT 10859/gsad > > tcp 0 0 10.175.47.17:9392 10.177.28.171:63929 > CLOSE_WAIT 10859/gsad > > tcp 0 0 10.175.47.17:9392 10.177.28.171:63213 > CLOSE_WAIT 10859/gsad > > tcp 0 0 10.175.47.17:9392 10.177.28.171:64005 > ESTABLISHED 10859/gsad > > tcp 0 0 10.175.47.17:9392 10.177.28.171:63216 > CLOSE_WAIT 10859/gsad -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 181 bytes Desc: OpenPGP digital signature URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20160322/738464b2/attachment-0001.sig> ------------------------------ Subject: Digest Footer _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ------------------------------ End of Openvas-discuss Digest, Vol 110, Issue 15 ************************************************ _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
