主页 / user-47099

Yehia A.Salam's questions

Martin Hope
Yehia A.Salam
Asked: 2017-06-29 13:48:49 +0800 CST
  • 0

我正在尝试连接到我在 centos7 上安装的 openvpn 服务器(按照本教程https://www.digitalocean.com/community/tutorials/how-to-setup-and-configure-an-openvpn-server-on- centos-7),似乎正在发生握手,但是连接不断重置。以下是日志:

客户端

Wed Jun 28 23:42:48 2017 OpenVPN 2.3.11 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] 
[PKCS11] [IPv6] built on May 10 2016
Wed Jun 28 23:42:48 2017 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Jun 28 23:42:48 2017 library versions: OpenSSL 1.0.1t  3 May 2016, LZO 2.09
Wed Jun 28 23:42:48 2017 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Wed Jun 28 23:42:48 2017 Need hold release from management interface, waiting...
Wed Jun 28 23:42:48 2017 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Wed Jun 28 23:42:48 2017 MANAGEMENT: CMD 'state on'
Wed Jun 28 23:42:48 2017 MANAGEMENT: CMD 'log all on'
Wed Jun 28 23:42:49 2017 MANAGEMENT: CMD 'hold off'
Wed Jun 28 23:42:49 2017 MANAGEMENT: CMD 'hold release'
Wed Jun 28 23:42:49 2017 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Wed Jun 28 23:42:49 2017 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Jun 28 23:42:49 2017 Attempting to establish TCP connection with [AF_INET]41.124.127.66:1194 [nonblock]
Wed Jun 28 23:42:49 2017 MANAGEMENT: >STATE:1498686169,TCP_CONNECT,,,
Wed Jun 28 23:42:50 2017 TCP connection established with [AF_INET]41.124.127.66:1194
Wed Jun 28 23:42:50 2017 TCPv4_CLIENT link local: [undef]
Wed Jun 28 23:42:50 2017 TCPv4_CLIENT link remote: [AF_INET]41.124.127.66:1194
Wed Jun 28 23:42:50 2017 MANAGEMENT: >STATE:1498686170,WAIT,,,
Wed Jun 28 23:42:50 2017 MANAGEMENT: >STATE:1498686170,AUTH,,,
Wed Jun 28 23:42:50 2017 TLS: Initial packet from [AF_INET]41.124.127.66:1194, sid=16544047 8d1189bc
Wed Jun 28 23:42:52 2017 Connection reset, restarting [-1]
Wed Jun 28 23:42:52 2017 SIGUSR1[soft,connection-reset] received, process restarting
Wed Jun 28 23:42:52 2017 MANAGEMENT: >STATE:1498686172,RECONNECTING,connection-reset,,
Wed Jun 28 23:42:52 2017 Restart pause, 5 second(s)
Wed Jun 28 23:42:57 2017 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Wed Jun 28 23:42:57 2017 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Jun 28 23:42:57 2017 Attempting to establish TCP connection with [AF_INET]41.124.127.66:1194 [nonblock]
Wed Jun 28 23:42:57 2017 MANAGEMENT: >STATE:1498686177,TCP_CONNECT,,,
Wed Jun 28 23:42:58 2017 TCP connection established with [AF_INET]41.124.127.66:1194
Wed Jun 28 23:42:58 2017 TCPv4_CLIENT link local: [undef]
Wed Jun 28 23:42:58 2017 TCPv4_CLIENT link remote: [AF_INET]41.124.127.66:1194
Wed Jun 28 23:42:58 2017 MANAGEMENT: >STATE:1498686178,WAIT,,,
Wed Jun 28 23:42:58 2017 MANAGEMENT: >STATE:1498686178,AUTH,,,
Wed Jun 28 23:42:58 2017 TLS: Initial packet from [AF_INET]41.124.127.66:1194, sid=97dc8edb 5fa1846c
Wed Jun 28 23:42:58 2017 Connection reset, restarting [-1]
Wed Jun 28 23:42:58 2017 SIGUSR1[soft,connection-reset] received, process restarting
Wed Jun 28 23:42:58 2017 MANAGEMENT: >STATE:1498686178,RECONNECTING,connection-reset,,
Wed Jun 28 23:42:58 2017 Restart pause, 5 second(s)

服务器端

Wed Jun 28 21:34:02 2017 us=261389 Current Parameter Settings:
Wed Jun 28 21:34:02 2017 us=261470   config = 'server.conf'
Wed Jun 28 21:34:02 2017 us=261483   mode = 1
Wed Jun 28 21:34:02 2017 us=261491   persist_config = DISABLED
Wed Jun 28 21:34:02 2017 us=261498   persist_mode = 1
Wed Jun 28 21:34:02 2017 us=261504   show_ciphers = DISABLED
Wed Jun 28 21:34:02 2017 us=261510   show_digests = DISABLED
Wed Jun 28 21:34:02 2017 us=261516   show_engines = DISABLED
Wed Jun 28 21:34:02 2017 us=261522   genkey = DISABLED
Wed Jun 28 21:34:02 2017 us=261528   key_pass_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261535   show_tls_ciphers = DISABLED
Wed Jun 28 21:34:02 2017 us=261542 Connection profiles [default]:
Wed Jun 28 21:34:02 2017 us=261549   proto = tcp-server
Wed Jun 28 21:34:02 2017 us=261555   local = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261562   local_port = 1194
Wed Jun 28 21:34:02 2017 us=261568   remote = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261574   remote_port = 1194
Wed Jun 28 21:34:02 2017 us=261580   remote_float = DISABLED
Wed Jun 28 21:34:02 2017 us=261586   bind_defined = DISABLED
Wed Jun 28 21:34:02 2017 us=261592   bind_local = ENABLED
Wed Jun 28 21:34:02 2017 us=261598   connect_retry_seconds = 5
Wed Jun 28 21:34:02 2017 us=261604   connect_timeout = 10
Wed Jun 28 21:34:02 2017 us=261610   connect_retry_max = 0
Wed Jun 28 21:34:02 2017 us=261616   socks_proxy_server = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261623   socks_proxy_port = 0
Wed Jun 28 21:34:02 2017 us=261628   socks_proxy_retry = DISABLED
Wed Jun 28 21:34:02 2017 us=261635   tun_mtu = 1500
Wed Jun 28 21:34:02 2017 us=261641   tun_mtu_defined = ENABLED
Wed Jun 28 21:34:02 2017 us=261647   link_mtu = 1500
Wed Jun 28 21:34:02 2017 us=261653   link_mtu_defined = DISABLED
Wed Jun 28 21:34:02 2017 us=261659   tun_mtu_extra = 0
Wed Jun 28 21:34:02 2017 us=261665   tun_mtu_extra_defined = DISABLED
Wed Jun 28 21:34:02 2017 us=261671   mtu_discover_type = -1
Wed Jun 28 21:34:02 2017 us=261677   fragment = 0
Wed Jun 28 21:34:02 2017 us=261683   mssfix = 1450
Wed Jun 28 21:34:02 2017 us=261689   explicit_exit_notification = 0
Wed Jun 28 21:34:02 2017 us=261695 Connection profiles END
Wed Jun 28 21:34:02 2017 us=261701   remote_random = DISABLED
Wed Jun 28 21:34:02 2017 us=261707   ipchange = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261718   dev = 'tun'
Wed Jun 28 21:34:02 2017 us=261727   dev_type = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261733   dev_node = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261739   lladdr = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261746   topology = 1
Wed Jun 28 21:34:02 2017 us=261752   tun_ipv6 = DISABLED
Wed Jun 28 21:34:02 2017 us=261759   ifconfig_local = '10.8.0.1'
Wed Jun 28 21:34:02 2017 us=261765   ifconfig_remote_netmask = '10.8.0.2'
Wed Jun 28 21:34:02 2017 us=261771   ifconfig_noexec = DISABLED
Wed Jun 28 21:34:02 2017 us=261777   ifconfig_nowarn = DISABLED
Wed Jun 28 21:34:02 2017 us=261783   ifconfig_ipv6_local = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261789   ifconfig_ipv6_netbits = 0
Wed Jun 28 21:34:02 2017 us=261796   ifconfig_ipv6_remote = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261802   shaper = 0
Wed Jun 28 21:34:02 2017 us=261808   mtu_test = 0
Wed Jun 28 21:34:02 2017 us=261814   mlock = DISABLED
Wed Jun 28 21:34:02 2017 us=261821   keepalive_ping = 10
Wed Jun 28 21:34:02 2017 us=261828   keepalive_timeout = 120
Wed Jun 28 21:34:02 2017 us=261835   inactivity_timeout = 0
Wed Jun 28 21:34:02 2017 us=261841   ping_send_timeout = 10
Wed Jun 28 21:34:02 2017 us=261847   ping_rec_timeout = 240
Wed Jun 28 21:34:02 2017 us=261853   ping_rec_timeout_action = 2
Wed Jun 28 21:34:02 2017 us=261859   ping_timer_remote = DISABLED
Wed Jun 28 21:34:02 2017 us=261865   remap_sigusr1 = 0
Wed Jun 28 21:34:02 2017 us=261871   persist_tun = ENABLED
Wed Jun 28 21:34:02 2017 us=261877   persist_local_ip = DISABLED
Wed Jun 28 21:34:02 2017 us=261883   persist_remote_ip = DISABLED
Wed Jun 28 21:34:02 2017 us=261889   persist_key = ENABLED
Wed Jun 28 21:34:02 2017 us=261895   passtos = DISABLED
Wed Jun 28 21:34:02 2017 us=261901   resolve_retry_seconds = 1000000000
Wed Jun 28 21:34:02 2017 us=261915   username = 'nobody'
Wed Jun 28 21:34:02 2017 us=261922   groupname = 'nobody'
Wed Jun 28 21:34:02 2017 us=261928   chroot_dir = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261934   cd_dir = '/etc/openvpn/'
Wed Jun 28 21:34:02 2017 us=261940   writepid = '/var/run/openvpn/server.pid'
Wed Jun 28 21:34:02 2017 us=261946   up_script = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261952   down_script = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261958   down_pre = DISABLED
Wed Jun 28 21:34:02 2017 us=261965   up_restart = DISABLED
Wed Jun 28 21:34:02 2017 us=261970   up_delay = DISABLED
Wed Jun 28 21:34:02 2017 us=261976   daemon = ENABLED
Wed Jun 28 21:34:02 2017 us=261982   inetd = 0
Wed Jun 28 21:34:02 2017 us=261988   log = ENABLED
Wed Jun 28 21:34:02 2017 us=261995   suppress_timestamps = DISABLED
Wed Jun 28 21:34:02 2017 us=262001   nice = 0
Wed Jun 28 21:34:02 2017 us=262038   verbosity = 6
Wed Jun 28 21:34:02 2017 us=262047   mute = 0
Wed Jun 28 21:34:02 2017 us=262053   gremlin = 0
Wed Jun 28 21:34:02 2017 us=262060   status_file = 'openvpn-status.log'
Wed Jun 28 21:34:02 2017 us=262066   status_file_version = 1
Wed Jun 28 21:34:02 2017 us=262072   status_file_update_freq = 60
Wed Jun 28 21:34:02 2017 us=262078   occ = ENABLED
Wed Jun 28 21:34:02 2017 us=262084   rcvbuf = 0
Wed Jun 28 21:34:02 2017 us=262090   sndbuf = 0
Wed Jun 28 21:34:02 2017 us=262096   mark = 0
Wed Jun 28 21:34:02 2017 us=262102   sockflags = 0
Wed Jun 28 21:34:02 2017 us=262108   fast_io = DISABLED
Wed Jun 28 21:34:02 2017 us=262114   lzo = 7
Wed Jun 28 21:34:02 2017 us=262120   route_script = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262126   route_default_gateway = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262132   route_default_metric = 0
Wed Jun 28 21:34:02 2017 us=262139   route_noexec = DISABLED
Wed Jun 28 21:34:02 2017 us=262145   route_delay = 0
Wed Jun 28 21:34:02 2017 us=262151   route_delay_window = 30
Wed Jun 28 21:34:02 2017 us=262157   route_delay_defined = DISABLED
Wed Jun 28 21:34:02 2017 us=262163   route_nopull = DISABLED
Wed Jun 28 21:34:02 2017 us=262170   route_gateway_via_dhcp = DISABLED
Wed Jun 28 21:34:02 2017 us=262176   max_routes = 100
Wed Jun 28 21:34:02 2017 us=262182   allow_pull_fqdn = DISABLED
Wed Jun 28 21:34:02 2017 us=262189   route 10.8.0.0/255.255.255.0/nil/nil
Wed Jun 28 21:34:02 2017 us=262196   management_addr = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262202   management_port = 0
Wed Jun 28 21:34:02 2017 us=262221   management_user_pass = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262229   management_log_history_cache = 250
Wed Jun 28 21:34:02 2017 us=262235   management_echo_buffer_size = 100
Wed Jun 28 21:34:02 2017 us=262242   management_write_peer_info_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262248   management_client_user = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262254   management_client_group = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262261   management_flags = 0
Wed Jun 28 21:34:02 2017 us=262267   shared_secret_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262273   key_direction = 0
Wed Jun 28 21:34:02 2017 us=262280   ciphername_defined = ENABLED
Wed Jun 28 21:34:02 2017 us=262286   ciphername = 'BF-CBC'
Wed Jun 28 21:34:02 2017 us=262293   authname_defined = ENABLED
Wed Jun 28 21:34:02 2017 us=262299   authname = 'SHA1'
Wed Jun 28 21:34:02 2017 us=262305   prng_hash = 'SHA1'
Wed Jun 28 21:34:02 2017 us=262312   prng_nonce_secret_len = 16
Wed Jun 28 21:34:02 2017 us=262318   keysize = 0
Wed Jun 28 21:34:02 2017 us=262324   engine = DISABLED
Wed Jun 28 21:34:02 2017 us=262330   replay = ENABLED
Wed Jun 28 21:34:02 2017 us=262336   mute_replay_warnings = DISABLED
Wed Jun 28 21:34:02 2017 us=262342   replay_window = 64
Wed Jun 28 21:34:02 2017 us=262348   replay_time = 15
Wed Jun 28 21:34:02 2017 us=262354   packet_id_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262360   use_iv = ENABLED
Wed Jun 28 21:34:02 2017 us=262366   test_crypto = DISABLED
Wed Jun 28 21:34:02 2017 us=262372   tls_server = ENABLED
Wed Jun 28 21:34:02 2017 us=262378   tls_client = DISABLED
Wed Jun 28 21:34:02 2017 us=262384   key_method = 2
Wed Jun 28 21:34:02 2017 us=262396   ca_file = 'ca.crt'
Wed Jun 28 21:34:02 2017 us=262402   ca_path = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262408   dh_file = 'dh2048.pem'
Wed Jun 28 21:34:02 2017 us=262414   cert_file = 'server.crt'
Wed Jun 28 21:34:02 2017 us=262421   extra_certs_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262427   priv_key_file = 'server.key'
Wed Jun 28 21:34:02 2017 us=262434   pkcs12_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262440   cipher_list = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262446   tls_verify = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262452   tls_export_cert = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262459   verify_x509_type = 0
Wed Jun 28 21:34:02 2017 us=262467   verify_x509_name = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262474   crl_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262480   ns_cert_type = 0
Wed Jun 28 21:34:02 2017 us=262486   remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262492   remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262498   remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262504   remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262510   remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262516   remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262522   remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262528   remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262534   remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262540   remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262545   remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262551   remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262557   remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262563   remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262569   remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262575   remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262581   remote_cert_eku = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262587   ssl_flags = 0
Wed Jun 28 21:34:02 2017 us=262593   tls_timeout = 2
Wed Jun 28 21:34:02 2017 us=262599   renegotiate_bytes = 0
Wed Jun 28 21:34:02 2017 us=262605   renegotiate_packets = 0
Wed Jun 28 21:34:02 2017 us=262611   renegotiate_seconds = 3600
Wed Jun 28 21:34:02 2017 us=262617   handshake_window = 60
Wed Jun 28 21:34:02 2017 us=262624   transition_window = 3600
Wed Jun 28 21:34:02 2017 us=262630   single_session = DISABLED
Wed Jun 28 21:34:02 2017 us=262636   push_peer_info = DISABLED
Wed Jun 28 21:34:02 2017 us=262643   tls_exit = DISABLED
Wed Jun 28 21:34:02 2017 us=262649   tls_auth_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262656   pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262662   pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262668   pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262674   pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262680   pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262686   pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262692   pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262698   pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262704   pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262710   pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262717   pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262724   pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262732   pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262739   pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262746   pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262752   pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262759   pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262766   pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262772   pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262779   pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262791   pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262797   pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262803   pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262809   pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262816   pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262823   pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262830   pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262838   pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262846   pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262853   pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262860   pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262868   pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262875   pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262882   pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262890   pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262897   pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262904   pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262911   pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262918   pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262925   pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262932   pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262940   pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262947   pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262954   pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262962   pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262970   pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262977   pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262985   pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262993   pkcs11_pin_cache_period = -1
Wed Jun 28 21:34:02 2017 us=263000   pkcs11_id = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=263007   pkcs11_id_management = DISABLED
Wed Jun 28 21:34:02 2017 us=263017   server_network = 10.8.0.0
Wed Jun 28 21:34:02 2017 us=263026   server_netmask = 255.255.255.0
Wed Jun 28 21:34:02 2017 us=263037   server_network_ipv6 = ::
Wed Jun 28 21:34:02 2017 us=263044   server_netbits_ipv6 = 0
Wed Jun 28 21:34:02 2017 us=263052   server_bridge_ip = 0.0.0.0
Wed Jun 28 21:34:02 2017 us=263060   server_bridge_netmask = 0.0.0.0
Wed Jun 28 21:34:02 2017 us=263073   server_bridge_pool_start = 0.0.0.0
Wed Jun 28 21:34:02 2017 us=263082   server_bridge_pool_end = 0.0.0.0
Wed Jun 28 21:34:02 2017 us=263089   push_entry = 'redirect-gateway def1 bypass-dhcp'
Wed Jun 28 21:34:02 2017 us=263096   push_entry = 'dhcp-option DNS 8.8.8.8'
Wed Jun 28 21:34:02 2017 us=263103   push_entry = 'dhcp-option DNS 8.8.4.4'
Wed Jun 28 21:34:02 2017 us=263111   push_entry = 'route 10.8.0.1'
Wed Jun 28 21:34:02 2017 us=263118   push_entry = 'topology net30'
Wed Jun 28 21:34:02 2017 us=263125   push_entry = 'ping 10'
Wed Jun 28 21:34:02 2017 us=263133   push_entry = 'ping-restart 120'
Wed Jun 28 21:34:02 2017 us=263140   ifconfig_pool_defined = ENABLED
Wed Jun 28 21:34:02 2017 us=263148   ifconfig_pool_start = 10.8.0.4
Wed Jun 28 21:34:02 2017 us=263156   ifconfig_pool_end = 10.8.0.251
Wed Jun 28 21:34:02 2017 us=263164   ifconfig_pool_netmask = 0.0.0.0
Wed Jun 28 21:34:02 2017 us=263171   ifconfig_pool_persist_filename = 'ipp.txt'
Wed Jun 28 21:34:02 2017 us=263179   ifconfig_pool_persist_refresh_freq = 600
Wed Jun 28 21:34:02 2017 us=263186   ifconfig_ipv6_pool_defined = DISABLED
Wed Jun 28 21:34:02 2017 us=263194   ifconfig_ipv6_pool_base = ::
Wed Jun 28 21:34:02 2017 us=263201   ifconfig_ipv6_pool_netbits = 0
Wed Jun 28 21:34:02 2017 us=263218   n_bcast_buf = 256
Wed Jun 28 21:34:02 2017 us=263227   tcp_queue_limit = 64
Wed Jun 28 21:34:02 2017 us=263234   real_hash_size = 256
Wed Jun 28 21:34:02 2017 us=263241   virtual_hash_size = 256
Wed Jun 28 21:34:02 2017 us=263249   client_connect_script = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=263255   learn_address_script = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=263269   client_disconnect_script = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=263276   client_config_dir = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=263283   ccd_exclusive = DISABLED
Wed Jun 28 21:34:02 2017 us=263290   tmp_dir = '/tmp'
Wed Jun 28 21:34:02 2017 us=263297   push_ifconfig_defined = DISABLED
Wed Jun 28 21:34:02 2017 us=263306   push_ifconfig_local = 0.0.0.0
Wed Jun 28 21:34:02 2017 us=263315   push_ifconfig_remote_netmask = 0.0.0.0
Wed Jun 28 21:34:02 2017 us=263322   push_ifconfig_ipv6_defined = DISABLED
Wed Jun 28 21:34:02 2017 us=263329   push_ifconfig_ipv6_local = ::/0
Wed Jun 28 21:34:02 2017 us=263336   push_ifconfig_ipv6_remote = ::
Wed Jun 28 21:34:02 2017 us=263342   enable_c2c = DISABLED
Wed Jun 28 21:34:02 2017 us=263349   duplicate_cn = DISABLED
Wed Jun 28 21:34:02 2017 us=263355   cf_max = 0
Wed Jun 28 21:34:02 2017 us=263362   cf_per = 0
Wed Jun 28 21:34:02 2017 us=263368   max_clients = 1024
Wed Jun 28 21:34:02 2017 us=263375   max_routes_per_client = 256
Wed Jun 28 21:34:02 2017 us=263382   auth_user_pass_verify_script = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=263388   auth_user_pass_verify_script_via_file = DISABLED
Wed Jun 28 21:34:02 2017 us=263394   port_share_host = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=263401   port_share_port = 0
Wed Jun 28 21:34:02 2017 us=263407   client = DISABLED
Wed Jun 28 21:34:02 2017 us=263413   pull = DISABLED
Wed Jun 28 21:34:02 2017 us=263419   auth_user_pass_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=263427 OpenVPN 2.3.11 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on May 10 2016
Wed Jun 28 21:34:02 2017 us=263443 library versions: OpenSSL 1.0.1e-fips 11 Feb 2013, LZO 2.06
Wed Jun 28 21:34:02 2017 us=275926 Diffie-Hellman initialized with 2048 bit key
Wed Jun 28 21:34:02 2017 us=276626 TLS-Auth MTU parms [ L:1544 D:1210 EF:40 EB:0 ET:0 EL:3 ]
Wed Jun 28 21:34:02 2017 us=276665 Socket Buffers: R=[87380->87380] S=[16384->16384]
Wed Jun 28 21:34:02 2017 us=276851 ROUTE_GATEWAY 41.124.254.1/255.255.255.0 IFACE=eth0 HWADDR=f2:3c:91:79:07:a1
Wed Jun 28 21:34:02 2017 us=277532 TUN/TAP device tun0 opened
Wed Jun 28 21:34:02 2017 us=277560 TUN/TAP TX queue length set to 100
Wed Jun 28 21:34:02 2017 us=277575 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Jun 28 21:34:02 2017 us=277601 /usr/sbin/ip link set dev tun0 up mtu 1500
Wed Jun 28 21:34:02 2017 us=282681 /usr/sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Wed Jun 28 21:34:02 2017 us=288983 /usr/sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Wed Jun 28 21:34:02 2017 us=290287 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:143 ET:0 EL:3 AF:3/1 ]
Wed Jun 28 21:34:02 2017 us=290677 GID set to nobody
Wed Jun 28 21:34:02 2017 us=290696 UID set to nobody
Wed Jun 28 21:34:02 2017 us=290709 Listening for incoming TCP connection on [undef]
Wed Jun 28 21:34:02 2017 us=290721 TCPv4_SERVER link local (bound): [undef]
Wed Jun 28 21:34:02 2017 us=290727 TCPv4_SERVER link remote: [undef]
Wed Jun 28 21:34:02 2017 us=290737 MULTI: multi_init called, r=256 v=256
Wed Jun 28 21:34:02 2017 us=290769 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Wed Jun 28 21:34:02 2017 us=290779 ifconfig_pool_read(), in='client,10.8.0.4', TODO: IPv6
Wed Jun 28 21:34:02 2017 us=290788 succeeded -> ifconfig_pool_set()
Wed Jun 28 21:34:02 2017 us=290794 IFCONFIG POOL LIST
Wed Jun 28 21:34:02 2017 us=290800 client,10.8.0.4
Wed Jun 28 21:34:02 2017 us=290818 MULTI: TCP INIT maxclients=1024 maxevents=1028
Wed Jun 28 21:34:02 2017 us=290838 Initialization Sequence Completed
Wed Jun 28 21:34:12 2017 us=294771 MULTI: multi_create_instance called
Wed Jun 28 21:34:12 2017 us=294934 Re-using SSL/TLS context
Wed Jun 28 21:34:12 2017 us=295009 LZO compression initialized
Wed Jun 28 21:34:12 2017 us=295144 Control Channel MTU parms [ L:1544 D:1210 EF:40 EB:0 ET:0 EL:3 ]
Wed Jun 28 21:34:12 2017 us=295166 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:143 ET:0 EL:3 AF:3/1 ]
Wed Jun 28 21:34:12 2017 us=295194 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Wed Jun 28 21:34:12 2017 us=295225 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Wed Jun 28 21:34:12 2017 us=295241 Local Options hash (VER=V4): 'c0103fa8'
Wed Jun 28 21:34:12 2017 us=295250 Expected Remote Options hash (VER=V4): '69109d17'
Wed Jun 28 21:34:12 2017 us=295282 TCP connection established with [AF_INET]45.247.102.142:52355
Wed Jun 28 21:34:12 2017 us=295291 TCPv4_SERVER link local: [undef]
Wed Jun 28 21:34:12 2017 us=295296 TCPv4_SERVER link remote: [AF_INET]45.247.102.142:52355
Wed Jun 28 21:34:13 2017 us=467508 45.247.102.142:52355 TCPv4_SERVER READ [14] from [AF_INET]45.247.102.142:52355: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Wed Jun 28 21:34:13 2017 us=467577 45.247.102.142:52355 TLS: Initial packet from [AF_INET]45.247.102.142:52355, sid=5758c05e 539a249f
Wed Jun 28 21:34:13 2017 us=467615 45.247.102.142:52355 TCPv4_SERVER WRITE [26] to [AF_INET]45.247.102.142:52355: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ 0 ] pid=0 DATA len=0
Wed Jun 28 21:34:13 2017 us=967139 45.247.102.142:52355 Connection reset, restarting [-1]
Wed Jun 28 21:34:13 2017 us=967232 45.247.102.142:52355 SIGUSR1[soft,connection-reset] received, client-instance restarting
Wed Jun 28 21:34:13 2017 us=967384 TCP/UDP: Closing socket

并以这个重启循环结束。我无法从日志中找出我做错了什么。

openvpn
Martin Hope
Yehia A.Salam
Asked: 2016-05-30 08:44:51 +0800 CST
  • 0

我遇到了非常奇怪的 DDOS 攻击,服务器充满了请求,但是问题是,在查看访问日志时,我收到了对我服务器上不存在的域和主机的不同请求,这与行:

101.201.47.133 - - [29/May/2016:16:38:11 +0000] "POST http://ifacelog.iqiyi.com/api/vvlog.jsp HTTP/1.1" 200 2 "-" "QIYIVideo/7.4 (iOS;com.qiyi.iphone;iOS8.0.1;iPhone5,4) Corejar"
81.94.192.52 - - [29/May/2016:16:38:11 +0000] "GET http://www.advinapps.com/ads-sync.js?v=1&key=fa7fef2ba4e39c100ef0278e97b68be3&epmads_width=300&epmads_height=250&cIds=&adsCampaignKey=1464568684537&ch=www.economist.com&click=&tz=-13&t=1464568684812&requestUrl=http%3A%2F%2Feconomist.com&flashVer=18.0%20r0&scrWidth=412&scrHeight=659 HTTP/1.1" 200 691 "http://economist.com" "Mozilla/5.0 (iPhone; CPU iPhone OS 8_0 like Mac OS X) AppleWebKit/600.1.3 (KHTML, like Gecko) Version/8.0 Mobile/12A4345d Safari/600.1.4"
172.87.28.13 - - [29/May/2016:16:35:12 +0000] "CONNECT api.paypal.com:443 HTTP/1.0" 503 299 "-" "-"
123.56.190.144 - - [29/May/2016:16:38:11 +0000] "POST http://ifacelog.iqiyi.com/api/vvlog.jsp HTTP/1.1" 200 2 "-" "QIYIVideo/7.4 (iOS;com.qiyi.iphone;iOS7.0.1;iPhone7,2) Corejar"
172.87.30.22 - - [29/May/2016:16:35:12 +0000] "CONNECT api.paypal.com:443 HTTP/1.0" 503 299 "-" "-"
81.94.192.58 - - [29/May/2016:16:38:11 +0000] "GET http://www.advinapps.com/ads-sync.js?v=1&key=fb5958979637170f68a7f021b69561d0&epmads_width=300&epmads_height=250&cIds=&adsCampaignKey=1464568661357&ch=www.fredericknewspost.com&click=&tz=-13&t=1464568690295&requestUrl=http%3A%2F%2Ffredericknewspost.com&flashVer=18.0%20r0&scrWidth=600&scrHeight=960 HTTP/1.1" 200 321 "fredericknewspost.com/article/780.html" "Mozilla/5.0 (Linux; Android 4.2.2; GT-I9505 Build/JDQ39) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.59 Mobile Safari/537.36"
81.94.192.50 - - [29/May/2016:16:38:11 +0000] "GET http://www.advinapps.com/impression.gif?b=282343&p=24300&ch=www.therepublic.com&dspPar=32&ap=0.104&cps=&c=11623&l=US&h=04536307c4821d3689234591fc91365a&t=1464539891555&s=f7b3eae7f818b290717990bcd6cdff70&tz=-13.0&sh=567&sw=360 HTTP/1.1" 200 49 "http://therepublic.com" "Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X; en-us) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465 Safari/9537.53"
101.201.31.97 - - [29/May/2016:16:38:12 +0000] "GET http://www.xiami.com/count/playrecord?object_id=1776099904&ishq=0&sid=1776099904&object_name=default&t=1464539867265 HTTP/1.1" 401 - "http://img.xiami.net/static/swf/seiya/1.5/player.swf?v=1439737985865" "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0"
144.52.174.222 - - [29/May/2016:16:38:11 +0000] "POST http://www.gifshow.com/rest/n/relation/follow HTTP/1.1" 200 29 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3; Alexa Toolbar)"
120.26.92.95 - - [29/May/2016:16:38:12 +0000] "CONNECT 112.126.84.66:15010 HTTP/1.1" 400 226 "-" "-"
172.87.30.80 - - [29/May/2016:16:35:12 +0000] "CONNECT api.paypal.com:443 HTTP/1.0" 503 299 "-" "-"
13.73.2.228 - - [29/May/2016:16:38:12 +0000] "CONNECT accounts.surfeasy.com:443 HTTP/1.0" 200 - "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
101.201.47.133 - - [29/May/2016:16:38:12 +0000] "GET http://count.vrs.sohu.com/count/stat.do?videoId=2775476&tvid=82474211&playlistId=9084357&categoryId=16&catecode=115101;115102;115103;115104;115126&uid=14645398585291624242&plat=flash&os=Windows10&online=0&type=vrs&r=http%3A%2F%2Ftv.sohu.com%2F20151216%2Fn431509915.shtml&t=1464539858450.432&enc=LIO1B3nKHyIq5OHptFUVfuZnfeE%2BK8x7 HTTP/1.1" 200 16 "http://tv.sohu.com/20151216/n431509915.shtml" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36"
122.224.11.135 - - [29/May/2016:16:38:12 +0000] "" 400 226 "-" "-"
122.224.11.135 - - [29/May/2016:16:38:11 +0000] "GET http://www.128pa.com/ HTTP/1.1" 200 214 "http://www.baidu.com" "Mozilla/5.0+(compatible;+Baiduspider/2.0;++http://www.baidu.com/search/spider.html)"
122.224.11.135 - - [29/May/2016:16:38:11 +0000] "GET http://www.128pa.com/ HTTP/1.1" 200 214 "http://www.baidu.com" "Mozilla/5.0+(compatible;+Baiduspider/2.0;++http://www.baidu.com/search/spider.html)"
81.94.192.58 - - [29/May/2016:16:38:12 +0000] "GET http://www.advinapps.com/no-impression.gif?p=24307&ch=www.fredericknewspost.com&l=US&h=cf5deb1084738a7e069f3bdc209b2193&t=1464568705404&s=0366da23730645ecda68bb0f08c99c2e&tz=-13.0&sh=960&sw=600 HTTP/1.1" 200 49 "fredericknewspost.com/article/780.html" "Mozilla/5.0 (Linux; Android 4.2.2; GT-I9505 Build/JDQ39) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.59 Mobile Safari/537.36"
123.56.199.198 - - [29/May/2016:16:38:11 +0000] "GET http://www.xiami.com/count/playrecord?object_id=1776099904&ishq=0&sid=1776099904&object_name=default&t=1464539866545 HTTP/1.1" 401 - "http://img.xiami.net/static/swf/seiya/1.5/player.swf?v=1439737985865" "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0"
81.94.192.52 - - [29/May/2016:16:38:12 +0000] "GET http://www.advinapps.com/ads-sync.js?v=1&key=fa7fef2ba4e39c100ef0278e97b68be3&epmads_width=300&epmads_height=250&cIds=&adsCampaignKey=1464568694585&ch=www.economist.com&click=&tz=-13&t=1464568694812&requestUrl=http%3A%2F%2Feconomist.com&flashVer=18.0%20r0&scrWidth=412&scrHeight=659 HTTP/1.1" 200 691 "http://economist.com" "Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X; en-us) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465 Safari/9537.53"
101.201.31.108 - - [29/May/2016:16:38:12 +0000] "GET http://vstat.v.blog.sohu.com/dostat.do?method=setVideoPlayCount&v=83593920&playlistId=&c=131128&vc=131128&uid=14645398803161561565&plat=flash&os=Windows10&online=0&type=my&o=292591044&r=http%3A%2F%2Fmy.tv.sohu.com%2Fus%2F292591044%2F83593920.shtml&time=1464539880698 HTTP/1.1" 200 6 "http://my.tv.sohu.com/us/292591044/83593920.shtml" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36"
104.197.247.35 - - [29/May/2016:16:38:12 +0000] "GET http://www.realtimewebsite.com/js/rtws.js HTTP/1.1" 200 348 "http://www.freewebsitereport.org/www.cartoonetwork.com" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 5.1; Trident/4.0; .NET CLR 5.0.90556.2)"
81.94.192.52 - - [29/May/2016:16:38:13 +0000] "GET http://www.advinapps.com/no-impression.gif?p=24306&ch=www.economist.com&l=US&h=931f6fbc7b9b27deb6633049e4303daf&t=1464568695000&s=0366da23730645ecda68bb0f08c99c2e&tz=-13.0&sh=659&sw=412 HTTP/1.1" 200 49 "http://economist.com" "Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X; en-us) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465 Safari/9537.53"
110.252.95.174 - - [29/May/2016:16:38:12 +0000] "POST http://180.186.38.200/rest/photo/like?lat=0&lon=0&ver=4.34&ud=169552143&sys=ANDROID_4.4.4&c=GENERIC&net=WIFI&did=ANDROID_33d055630e75dcf4&mod=iToolsAVM%28iToolsAVM%29&app=0&language=zh-cn&country_code=US HTTP/1.1" 200 37 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)"
79.20.174.253 - - [29/May/2016:16:38:13 +0000] "GET http://video-edge-8273c0.ord02.hls.ttvnw.net/hls-6dbdec/forsenlol_21576028656_461001026/chunked/index-live.m3u8?token=id=7806820898711542541,bid=21576028656,exp=1464623765,node=video-edge-8273c0-1.ord02.hls.justin.tv,nname=video-edge-8273c0.ord02,fmt=chunked&sig=4c016ff3014314d55ebbf08798cbc18c9d008e77 HTTP/1.1" 200 422 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0"
104.197.247.35 - - [29/May/2016:16:38:13 +0000] "GET http://www.realtimewebsite.com/tp.tiff?ref=&host=freewebsitereport.org&path=%2Fwww.cartoonetwork.com&href=http%3A%2F%2Fwww.freewebsitereport.org%2Fwww.cartoonetwork.com&width=400&height=300&id=8046424910426 HTTP/1.1" 204 - "http://www.freewebsitereport.org/www.cartoonetwork.com" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 5.1; Trident/4.0; .NET CLR 5.0.90556.2)"
85.25.242.142 - - [29/May/2016:16:38:13 +0000] "GET http://www.amazon.de/gp/offer-listing/B00BT96PFK/ref=olp_tab_new?ie=UTF8&sr=8-1&condition=new HTTP/1.1" 400 226 "http://www.amazon.de/gp/offer-listing/B00BT96PFK/ref=olp_tab_all" "-"
108.61.123.138 - - [29/May/2016:16:38:13 +0000] "GET http://c2s.startappnetwork.com/c2s/1.3/htmlads?sdkType=10&sdkVersion=1.0.0&partner=103651863&prod=203453235&os=0&placement=&adw=320&adh=50 HTTP/1.1" 200 8398 "com.pubjts.CuteJam" "Mozilla/5.0 (Linux; U; Android 5.0.0; en-us; ASUS_T00F Build/JSS15Q) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"

这是一种已知类型的 DDOS 攻击吗,我的 apache 是如何接收来自的请求的POST http://ifacelog.iqiyi.com/api/vvlog.jsp,我的意思是域 iqiyi 不指向我的服务器。

更新#1

在有人将我的服务器用作开放代理的建议之后,我通过评论禁用了加载所有 apache 代理模块:

# This file configures all the proxy modules:
#LoadModule proxy_module modules/mod_proxy.so
#LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
#LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
#LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
#LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
#LoadModule proxy_express_module modules/mod_proxy_express.so
#LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
#LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
#LoadModule proxy_http_module modules/mod_proxy_http.so
#LoadModule proxy_scgi_module modules/mod_proxy_scgi.so

但是,我的 access_log 文件仍然收到相同的可疑请求,当我禁用所有代理时,这怎么可能发生。

ddos
Martin Hope
Yehia A.Salam
Asked: 2016-04-17 04:45:56 +0800 CST
  • 1

我在我的 Apache 2 安装中启用了 mod_status 模块,扩展状态为 On。但是,当我不断检查服务器状态页面时,总访问量以一种奇怪的方式增加(比如每 1 秒 100 次),尽管我在服务器上没有任何流量,同时服务器状态不是在下面的请求列表中显示任何请求。如何记录任何 http 访问并查看流量的来源和来源。

在此处输入图像描述

apache-2.2 apache-2.4 apache-traffic-server
Martin Hope
Yehia A.Salam
Asked: 2013-01-06 03:56:39 +0800 CST
  • 0

我有一个在 tomcat 上运行的 java 应用程序,我正在使用 apache mod_proxy 模块将文件传递给 tomcat,但是 tomcat 似乎忽略了 .htaccess 文件,这里是我的 vhost.conf。我如何指示 apache 读取 .htaccess 并仍然为 jsp 提供服务。

DirectoryIndex index.jsp index.htm index.html index.php  

ProxyRequests Off
ProxyPreserveHost On

<Proxy *>
        Order deny,allow
        Allow from all
</Proxy>
ProxyPass / http://localhost:9080/SouthSide_815/
ProxyPassReverse / http://localhost:9080/SouthSide_815/

RewriteLog /etc/httpd/logs/rewrite.log
RewriteLogLevel 3

DocumentRoot /usr/share/tomcat6/psa-webapps/southside815.com/SouthSide_815

<Directory /usr/share/tomcat6/psa-webapps/southside815.com/SouthSide_815>
    Options Indexes FollowSymLinks
    AllowOverride All
    Order allow,deny
    Allow from all
</Directory>

在旁注中,使用上述配置,当 apache 解析此配置文件并到达代理部分时,它是否会将所有内容代理到 tomcat 并忽略其余行(DocumentRoot、Directory ...)?

apache-2.2
Martin Hope
Yehia A.Salam
Asked: 2012-11-16 14:29:28 +0800 CST
  • 2

我正在尝试在我的一个虚拟主机下添加服务器状态位置指令,但是在浏览 www.mywebsite.com/server-status 时我收到 403 Access Forbidden。将位置指令放在虚拟主机下是否合法?

编辑 #1:完整的虚拟主机配置

<VirtualHost *:80>
  # Admin email, Server Name (domain name) and any aliases
  ServerAdmin [email protected]
  ServerName  aumento.io
  ServerAlias  www.aumento.io


  # Index file and Document Root (where the public files are located)
  DirectoryIndex index.html index.php
  DocumentRoot /home/cairocubicles/web/aumento.io/public
    <Directory /home/cairocubicles/web/aumento.io/public>
        Order Allow,Deny
        Allow from all
        Options Indexes FollowSymLinks
        AllowOverride All
        AcceptPathInfo On
    </Directory>

<Location /server-status>
    SetHandler server-status
    Order deny,allow
    Deny from all
    Allow from aumento.io
</Location> 

  # Custom log file locations
  LogLevel warn
  ErrorLog  /home/cairocubicles/web/aumento.io/log/error.log

</VirtualHost>
apache-2.2
Martin Hope
Yehia A.Salam
Asked: 2012-11-16 02:16:21 +0800 CST
  • 0

我的 CentOS 服务器上的 MySQL 守护进程不断崩溃,我从 /var/logs/mysqld 获取了日志,但我仍然不确定如何解决这个问题:

    121114 16:22:56 mysqld_safe mysqld from pid file /var/run/mysqld/mysqld.pid ended                                                                                                 
    121114 21:55:11 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql                                                                                             
    121114 21:55:11 [Note] Plugin 'FEDERATED' is disabled.                                                                                                                            
    121114 21:55:11 InnoDB: The InnoDB memory heap is disabled                                                                                                                        
        121114 21:55:11 InnoDB: Mutexes and rw_locks

 use GCC atomic builtins                                                                                                              
    121114 21:55:11 InnoDB: Compressed tables use zlib 1.2.3                                                                                                                          
    121114 21:55:11 InnoDB: Using Linux native AIO                                                                                                                                    
    121114 21:55:11 InnoDB: Initializing buffer pool, size = 128.0M                                                                                                                   
    121114 21:55:11 InnoDB: Completed initialization of buffer pool                                                                                                                   
    121114 21:55:11 InnoDB: highest supported file format is Barracuda.                                                                                                               
    InnoDB: The log sequence number in ibdata files does not match                                                                                                                    
    InnoDB: the log sequence number in the ib_logfiles!                                                                                                                               
    121114 21:55:11  InnoDB: Database was not shut down normally!                                                                                                                     
    InnoDB: Starting crash recovery.                                                                                                                                                  
    InnoDB: Reading tablespace information from the .ibd files...                                                                                                                     
    InnoDB: Restoring possible half-written data pages from the doublewrite                                                                                                           
    InnoDB: buffer...                                                                                                                                                                 
    121114 21:55:12  InnoDB: Waiting for the background threads to start                                                                                                              
    121114 21:55:13 InnoDB: 1.1.6 started; log sequence number 77177262                                                                                                               
    121114 21:55:13 [Note] Event Scheduler: Loaded 0 events                                                                                                                           
    121114 21:55:13 [Note] /usr/libexec/mysqld: ready for connections.                                                                                                                
    Version: '5.5.12'  socket: '/var/lib/mysql/mysql.sock'  port: 3306  MySQL Community Server (GPL) by Remi                                                                          
    121115 00:19:44 mysqld_safe Number of processes running now: 0                                                                                                                    
    121115 00:19:44 mysqld_safe mysqld restarted                                                                                                                                      
    121115  0:19:47 [Note] Plugin 'FEDERATED' is disabled.                                                                                                                            
    121115  0:19:47 InnoDB: The InnoDB memory heap is disabled                                                                                                                        
    121115  0:19:47 InnoDB: Mutexes and rw_locks use GCC atomic builtins                                                                                                              
    121115  0:19:47 InnoDB: Compressed tables use zlib 1.2.3                                                                                                                          
    121115  0:19:47 InnoDB: Using Linux native AIO                                                                                                                                    
    121115  0:19:47 InnoDB: Initializing buffer pool, size = 128.0M                                                                                                                   
    InnoDB: mmap(137363456 bytes) failed; errno 12                                                                                                                                    
    121115  0:19:47 InnoDB: Completed initialization of buffer pool                                                                                                                   
    121115  0:19:47 InnoDB: Fatal error: cannot allocate memory for the buffer pool                                                                                                   
    121115  0:19:47 [ERROR] Plugin 'InnoDB' init function returned error.                                                                                                             
    121115  0:19:47 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed.                                                                                                  
    121115  0:19:47 [ERROR] Unknown/unsupported storage engine: InnoDB                                                                                                                
    121115  0:19:47 [ERROR] Aborting

编辑 #1

             total       used       free     shared    buffers     cached                                                                                                         
Mem:           496        370        126          0         24        110                                                                                                         
-/+ buffers/cache:        234        261                                                                                                                                          
Swap:         1023          9       1014

编辑#2

另外,我的 mysql 中最大的表是 20MB,所以我使用的内存应该是相当适中的。

SELECT CONCAT(table_schema, '.', table_name),
       CONCAT(ROUND(table_rows / 1000000, 2), 'M')                                    rows,
       CONCAT(ROUND(data_length / ( 1024 * 1024 * 1024 ), 2), 'G')                    DATA,
       CONCAT(ROUND(index_length / ( 1024 * 1024 * 1024 ), 2), 'G')                   idx,
       CONCAT(ROUND(( data_length + index_length ) / ( 1024 * 1024 * 1024 ), 2), 'G') total_size,
       ROUND(index_length / data_length, 2)                                           idxfrac
FROM   information_schema.TABLES
ORDER  BY data_length + index_length DESC
LIMIT  10;

在此处输入图像描述

mysql
Martin Hope
Yehia A.Salam
Asked: 2012-05-17 17:06:30 +0800 CST
  • 1

我正在尝试为我正在处理的项目projectx.cairocubicles.com创建一个子域,此 url 指向另一台服务器而不是托管www.cairocubicles.com的服务器。子域指向的服务器安装了以下虚拟主机的 apache:

    <VirtualHost *:80>
  # Admin email, Server Name (domain name) and any aliases
  ServerAdmin [email protected]
  ServerName  www.project1.cairocubicles.com


  # Index file and Document Root (where the public files are located)
  DirectoryIndex index.html index.php
  DocumentRoot /home/project1/web/public
    <Directory /home/project1/web/public>
        Options Indexes FollowSymLinks
        AllowOverride All
        AcceptPathInfo On
        Order allow,deny
        Allow from all
    </Directory>


  # Custom log file locations
  LogLevel warn
  ErrorLog  /home/project1/web/log/error.log
  CustomLog /home/project1/web/log/access.log combined

</VirtualHost>

但是现在当浏览到 project1.cairocubicles.com 时,我得到了一个不同的网站(虚拟主机列表中的另一个网站)。我也尝试更改ServerName www.project1.cairocubicles.com为,ServerName project1.cairocubicles.com但随后出现 403 Forbidden 错误。有什么线索吗?

谢谢。

subdomain apache-2.2 virtualhost