Re: ESTABLISHED connections

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 3/13/2015 7:17 PM, el kalin wrote:


if i have this in the

<Directory "/server/doc/root">

         Order allow,deny
         Allow from all
         deny from 111.10.250.188
</Directory>

how come this:

tcp        0      0  ip-10-102-190-93.http  111.10.250.188.21806
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.21805
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.23202
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.23188
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.22544
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.22490
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.23364
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.23365
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.22825
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.22751
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.22561
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.22340
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.22339
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.23151
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.23159
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.22698
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.22512
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.22457
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.22416
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.22403
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.23377
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.23376
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.23105
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.23108
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.22803
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.22135
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.dcap
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.21924
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.21923
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.23329
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.23319
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.22546
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.22545
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.22139
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.21694
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.21658
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.23075
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.23074
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.23026
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.23025
ESTABLISHED
tcp        0      0  ip-10-102-190-93.http  111.10.250.188.inovapo
ESTABLISHED


this is growing with every netstat i do.  any ideas???

thanks…


I believe your Order allow, deny is correct.
You are controlling what can be served by Apache, but not the actual network connection to your Apache server, hence the continued entries in your connection table. I would assume your Apache error log is spewing lots of access denied or such errors indicating your deny is working.
If you really want to keep a given an IP address completely out of Apache, block it in iptables or better yet the firewall behind which your Apache server sits, but iptables will do it. 

--
Jim Albert


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux