什么“net_ratelimit:44回调被抑制”在linux上意味着什么?

前端之家收集整理的这篇文章主要介绍了什么“net_ratelimit:44回调被抑制”在linux上意味着什么?前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。
我正在尝试在基于Debian的路由器上调整Snort性能.我看到的东西像:
snort packet recv contents failure: No buffer space available

所以我将缓冲区增加到8M,当不起作用时,我尝试了16M,根据http://fasterdata.es.net/fasterdata/host-tuning/linux/的调整指南:

#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
# Increase TCP Buffers to 16 MB
sysctl -w net.core.rmem_default='16777216'
sysctl -w net.core.wmem_default='16777216'
sysctl -w net.core.rmem_max='16777216'
sysctl -w net.core.wmem_max='16777216'
sysctl -w net.ipv4.tcp_wmem='1048576 4194304 16777216'
sysctl -w net.ipv4.tcp_rmem='1048576 4194304 16777216'
sysctl -w net.core.netdev_max_backlog='30000'
exit 0

现在我没有看到“无缓冲空间”日志条目,但我有一个新的:

net_ratelimit: 44 callbacks suppressed

来自同一时间框架的唯一其他消息是这些火星人,也许这就是被压制的东西?

Jun  4 07:09:36 ilium ntpd_intres[3575]: host name not found: 0.us.pool.ntp.org
Jun  4 14:17:36 ilium kernel: [25743.259951] net_ratelimit: 44 callbacks suppressed
Jun  4 14:17:36 ilium kernel: [25743.259955] martian source 216.59.11.21 from 127.0.0.1,on dev eth0
Jun  4 14:17:36 ilium kernel: [25743.259956] ll header: 00:30:48:7c:f8:10:00:24:c4:49:8d:00:08:00
Jun  4 14:17:58 ilium kernel: [25765.055449] martian source 216.59.11.21 from 127.0.0.1,on dev eth0
Jun  4 14:17:58 ilium kernel: [25765.055451] ll header: 00:30:48:7c:f8:10:00:24:c4:49:8d:00:08:00
Jun  4 14:18:43 ilium kernel: [25809.998978] martian source 216.59.11.21 from 127.0.0.1,on dev eth0
Jun  4 14:18:43 ilium kernel: [25809.998980] ll header: 00:30:48:7c:f8:10:00:24:c4:49:8d:00:08:00
Jun  4 14:24:11 ilium kernel: [26138.700143] martian source 216.59.11.71 from 127.0.0.1,on dev eth0
Jun  4 14:24:11 ilium kernel: [26138.700145] ll header: 00:30:48:7c:f8:10:00:24:c4:49:8d:00:08:00
Jun  4 14:28:42 ilium kernel: [26409.130701] martian source 216.59.11.71 from 127.0.0.1,on dev eth0
Jun  4 14:28:42 ilium kernel: [26409.130703] ll header: 00:30:48:7c:f8:10:00:24:c4:49:8d:00:08:00

解决方法

‘net_ratelimit()’用于限制内核的syslog消息.
这种“回调抑制”消息意味着它抑制了大量44个系统日志消息.
这是为了避免加载syslog日志记录路径.

如果您有兴趣,这是源参考,
FreeBSD/Linux Kernel Cross Reference; sys/net/core/utils.c,
它叫sys/lib/ratelimit.c – ___ ratelimit()

你可能想调查你的“martian source”,
但是,如果你忽略它,我猜,ratelimit将处理日志
(修复未知日志源通常是一个好主意).

在你的情况下,它看起来像你的Martian Packets,

An incoming or outgoing packet whose source or destination address is in the range 127.0.0.0/8,which is reserved for loopback within the host.

猜你在找的Linux相关文章