[SAC] download.osgeo.org iptables change
Christopher Schmidt
crschmidt at metacarta.com
Mon Dec 22 11:34:20 EST 2008
All,
Frank alerted me to the fact that a large number of Apache processes on
download.osgeo.org were being held open in 'read' state. Using netstat,
I narrowed this down to the IP:
220.128.176.130
Which had over 100 open connections to the OSGeo server, all of which
were not actively doing anything.
Using iptable rules:
/sbin/iptables -A INPUT -s 220.128.176.130 -j DROP
/sbin/iptables -A OUTPUT -d 220.128.176.130 -j DROP
I attempted to block the IP address, and it appears to have been
successful.
Regards,
--
Christopher Schmidt
MetaCarta
More information about the Sac
mailing list