[kwlug-disc] clearing close_wait

Fernando Duran liberosec at yahoo.ca
Thu Mar 24 20:22:05 EDT 2011


Hi,

Not related to CLOSE_WAIT but to prevent this issue of an IP opening a lot of 
connections you can setup the proper parameter in your mail server (for example 
for 
Postfix http://www.postfix.org/postconf.5.html#smtpd_client_connection_count_limit )
 , xinited also can limit the number of simultaneous client connections. Or 
directly from iptables using 
connlimit: http://www.cyberciti.biz/faq/iptables-connection-limits-howto/

Cheers,
 ---------------------
Fernando Duran
http://www.fduran.com



----- Original Message ----
> From: Insurance Squared Inc. <gcooke at insurancesquared.com>
> To: KWLUG discussion <kwlug-disc at kwlug.org>
> Sent: Thu, March 24, 2011 3:15:08 PM
> Subject: [kwlug-disc] clearing close_wait
> 
> Seems lately I've been enjoying somewhat frequent attacks on my mail  server.  
>Some IP address opens up a thousand email connections on my  server, no idea 
>why.
> 
> I firewall the IP address, but I still end up with a  ton of connections in a 
>CLOSE_WAIT state.  Is there any way to clear those  all those close-wait 
>connections from the offending IP, without rebooting?   If I leave it sit they 
>eventually all go away, I'd like a faster solution  though.
> 
> 
> 
> _______________________________________________
> kwlug-disc  mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
> 





More information about the kwlug-disc mailing list