On 3/13/2015 7:17 PM, el kalin wrote:
if i have this in the
<Directory "/server/doc/root">
Order allow,deny
Allow from all
deny from 111.10.250.188
</Directory>
how come this:
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.21806
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.21805
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.23202
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.23188
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.22544
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.22490
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.23364
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.23365
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.22825
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.22751
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.22561
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.22340
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.22339
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.23151
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.23159
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.22698
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.22512
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.22457
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.22416
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.22403
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.23377
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.23376
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.23105
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.23108
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.22803
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.22135
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.dcap
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.21924
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.21923
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.23329
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.23319
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.22546
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.22545
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.22139
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.21694
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.21658
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.23075
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.23074
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.23026
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.23025
ESTABLISHED
tcp 0 0 ip-10-102-190-93.http 111.10.250.188.inovapo
ESTABLISHED
this is growing with every netstat i do. any ideas???
thanks…
I believe your Order allow, deny is correct.
You are controlling what can be served by Apache, but not the actual
network connection to your Apache server, hence the continued entries in
your connection table. I would assume your Apache error log is spewing
lots of access denied or such errors indicating your deny is working.
If you really want to keep a given an IP address completely out of
Apache, block it in iptables or better yet the firewall behind which
your Apache server sits, but iptables will do it.
--
Jim Albert
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
