Re: [CentOS] repeated local ephemeral to 80

2011-04-02 Thread Kai Schaetzl
well, first question: why don't you allow local access to port 80? There is no reason for that. This is httpd itself. Switch on the status page and then look for yourself. It's a well-known "phenomenon" since Apache 2.0 or 2.2. Kai ___ CentOS mailing

Re: [CentOS] repeated local ephemeral to 80

2011-04-01 Thread Michael D. Berger
On Fri, 01 Apr 2011 22:10:58 +0200, Markus Falb wrote: [...] >> Mar 29 17:27:20 mbrc20 kernel: IPT-DROP IN= OUT=lo SRC=192.168.9.20 >> DST=192.168.9.20 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=46910 DF PROTO=TCP >> SPT=56624 DPT=80 WINDOW=32792 RES=0x00 SYN URGP=0 OPT >> (0204400C0402080A4A26F7A500

Re: [CentOS] repeated local ephemeral to 80

2011-04-01 Thread Markus Falb
On 1.4.2011 17:20, Michael D. Berger wrote: > On my CentOS box that I use mainly as a web server, I have iptables > set to log and reject anything that I don't expect. So lately, > I have getting things like this: > > > Mar 29 17:27:20 mbrc20 kernel: IPT-DROP IN= OUT=lo SRC=192.168.9.20 > DST=1

Re: [CentOS] repeated local ephemeral to 80

2011-04-01 Thread m . roth
Michael D. Berger wrote: > On Fri, 01 Apr 2011 17:55:37 +0200, Nicolas Thierry-Mieg wrote: > > [...] >> >> you might be able to see the process with netstat when it's happening. > > I tried that; so far without success. > Mike. Hmmm, maybe lsof. mark

Re: [CentOS] repeated local ephemeral to 80

2011-04-01 Thread Michael D. Berger
On Fri, 01 Apr 2011 17:55:37 +0200, Nicolas Thierry-Mieg wrote: [...] > > you might be able to see the process with netstat when it's happening. I tried that; so far without success. Mike. ___ CentOS mailing list CentOS@centos.org http://lists.centos.

Re: [CentOS] repeated local ephemeral to 80

2011-04-01 Thread Nicolas Thierry-Mieg
Michael D. Berger wrote: > On Fri, 01 Apr 2011 11:32:16 -0400, m.roth-x6lchVBUigD1P9xLtpHBDw wrote: > >> Michael D. Berger wrote: > [...] >> >> Not great on this, but *if* I understand it, it's saying that the IP >> address of your server is 192.168.9.20, and it's talking to itself, at >> destinat

Re: [CentOS] repeated local ephemeral to 80

2011-04-01 Thread Michael D. Berger
On Fri, 01 Apr 2011 11:32:16 -0400, m.roth-x6lchVBUigD1P9xLtpHBDw wrote: > Michael D. Berger wrote: [...] > > Not great on this, but *if* I understand it, it's saying that the IP > address of your server is 192.168.9.20, and it's talking to itself, at > destination port 80 - apache, that would be

Re: [CentOS] repeated local ephemeral to 80

2011-04-01 Thread m . roth
Michael D. Berger wrote: > On my CentOS box that I use mainly as a web server, I have iptables > set to log and reject anything that I don't expect. So lately, > I have getting things like this: > > > Mar 29 17:27:20 mbrc20 kernel: IPT-DROP IN= OUT=lo SRC=192.168.9.20 > DST=192.168.9.20 LEN=60 TOS