JuniperSRX防火墙系统会话链接的清除-创新互联

Juniper SRX防火墙系统会话链接的清除

成都创新互联公司主营广东网站建设的网络公司,主营网站建设方案,成都app开发,广东h5微信小程序开发搭建,广东网站营销推广欢迎广东等地区企业咨询

维护Juniper防火墙SRX系列防火墙,一段时间后,发现防火墙老是有时候登录不上去,有时候可以登录。

查看用户的时候,发现,系统挂了很多连接会话,怪不得老是无法登录,资料被消耗了。

用户并不多:

{primary:node0}
james@SRX3600-FW-1> show system users
node0:
--------------------------------------------------------------------------
 3:58PM  up 648 days, 15:42, 3 users, load averages: 0.27, 0.19, 0.14
USER   TTY    FROM                LOGIN@  IDLE WHAT
james  p0    10.251.152.212          2:42PM  1:07 ssh 10.244.136
james  p1    10.251.152.212          3:53PM    - -cli (cli)

node1:
--------------------------------------------------------------------------
 3:58PM  up 40 days, 10 hrs, 0 users, load averages: 0.17, 0.19, 0.12

连接数倒是很多。。。

james@SRX3600-FW-1> show system connections | match 10.111.141.146.22
tcp4    0    0  10.111.141.146.22               10.251.152.212.1669              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.251.152.212.1281              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.27.46565              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.24.40582              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.30.3102               ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.30.27496              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.30.22894              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.30.22890              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.30.21030              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.30.25413              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.24.51123              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.27.59378              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.26.40712              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.27.9228               ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.26.7785               ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.27.27143              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.27.46143              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.28.9249               ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.24.19977              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.30.54018              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.24.37582              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.28.39697              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.30.51267              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.30.28047              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.30.36206              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.26.12024              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.28.19595              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.27.32237              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.28.62761              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.28.8727               ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.28.57345              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.24.7457               ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.28.60782              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.30.50150              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.24.23601              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.30.54827              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.28.51074              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.27.35025              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.26.13587              ESTABLISHED

登录查看是那些进程:

root@SRX3600-FW-1% ps -aux | grep sshd
root  61980  0.1  0.2  6084  2432  ??  S   10:37AM  0:00.30 sshd: nsm [priv] (sshd)
root   3740  0.0  0.2  7288  2484  ??  Is   9Sep15  0:00.76 sshd: kevinw@notty (sshd)
root   3791  0.0  0.2  7288  2484  ??  Is   9Sep15  0:00.50 sshd: kevinw@notty (sshd)
root   4066  0.0  0.2  7288  2488  ??  Is   9Sep15  0:00.18 sshd: james@notty (sshd)
root   4449  0.0  0.2  7288  2484  ??  Is   9Sep15  0:00.38 sshd: kevinw@notty (sshd)
root   6513  0.0  0.2  7288  2484  ??  Is   1Sep15  0:00.29 sshd: kevinw@notty (sshd)
root  17193  0.0  0.2  7288  2484  ??  Is   1Sep15  0:00.29 sshd: kevinw@notty (sshd)
root  17558  0.0  0.2  7288  2484  ??  Is  Mon02PM  0:00.26 sshd: kevinw@notty (sshd)
root  18548  0.0  0.2  7288  2484  ??  Is  Mon03PM  0:00.16 sshd: kevinw@notty (sshd)
root  21354  0.0  0.2  7288  2484  ??  Is   1Sep15  0:00.41 sshd: kevinw@notty (sshd)
root  21658  0.0  0.2  7288  2484  ??  Is   1Sep15  0:00.25 sshd: kevinw@notty (sshd)
root  27719  0.0  0.2  7288  2484  ??  Is  28Aug15  0:00.39 sshd: kevinw@notty (sshd)
root  28611  0.0  0.2  7288  2484  ??  Is  Thu04PM  0:00.23 sshd: kevinw@notty (sshd)
root  33524  0.0  0.2  7288  2484  ??  Is  24Aug15  0:00.19 sshd: kevinw@notty (sshd)
root  36425  0.0  0.2  7288  2484  ??  Is   6Sep15  0:00.26 sshd: kevinw@notty (sshd)
root  36800  0.0  0.2  7288  2484  ??  Is   6Sep15  0:00.27 sshd: kevinw@notty (sshd)
root  42448  0.0  0.2  7300  2496  ??  Is  Tue03PM  0:00.13 sshd: kevinw@notty (sshd)
root  42450  0.0  0.2  7300  2496  ??  Is  Tue03PM  0:00.13 sshd: kevinw@notty (sshd)
root  42953  0.0  0.2  7300  2496  ??  Is  Tue04PM  0:00.31 sshd: kevinw@notty (sshd)
root  45193  0.0  0.2  7288  2484  ??  Is   2Sep15  0:00.62 sshd: kevinw@notty (sshd)
root  47703  0.0  0.2  7288  2484  ??  Is  Fri12PM  0:00.83 sshd: kevinw@notty (sshd)
root  50156  0.0  0.2  7300  2496  ??  Is  Wed09AM  0:00.13 sshd: kevinw@notty (sshd)
root  51153  0.0  0.2  7300  2496  ??  Is  11:24AM  0:00.13 sshd: kevinw@notty (sshd)
root  51155  0.0  0.2  7300  2496  ??  Is  11:24AM  0:00.13 sshd: kevinw@notty (sshd)
root  54215  0.0  0.2  7300  2496  ??  Is   5:09PM  0:00.13 sshd: kevinw@notty (sshd)
root  54223  0.0  0.2  7300  2496  ??  Is   5:10PM  0:00.13 sshd: kevinw@notty (sshd)
root  56559  0.0  0.2  7288  2484  ??  Is  25Aug15  0:00.24 sshd: james@notty (sshd)
root  58693  0.0  0.2  7288  2484  ??  Is   7Sep15  0:00.70 sshd: kevinw@notty (sshd)
root  60181  0.0  0.2  7288  2484  ??  Is   7Sep15  0:00.31 sshd: kevinw@notty (sshd)
root  60286  0.0  0.2  7288  2484  ??  Is   7Sep15  0:00.21 sshd: kevinw@notty (sshd)
root  60326  0.0  0.2  7288  2484  ??  Is   7Sep15  0:00.19 sshd: kevinw@notty (sshd)
root  61834  0.0  0.2  7288  2484  ??  Is  25Aug15  0:00.37 sshd: kevinw@notty (sshd)
root  61910  0.0  0.2  7292  2480  ??  Ss  10:30AM  0:00.22 sshd: james@ttyp0 (sshd)
sshd  61981  0.0  0.1  5740  1192  ??  I   10:37AM  0:00.11 sshd: nsm [net] (sshd)
root  77273  0.0  0.2  7288  2484  ??  Is   8Sep15  0:00.30 sshd: kevinw@notty (sshd)
root  78136  0.0  0.2  7288  2484  ??  Is   8Sep15  0:00.86 sshd: kevinw@notty (sshd)
root  79456  0.0  0.4  8512  3692  ??  Is  26Aug15  0:01.69 sshd: kevinw@notty (sshd)
root  80979  0.0  0.2  7288  2480  ??  Is   8Sep15  0:01.87 sshd: kevinw@ttyp2 (sshd)
root  86243  0.0  0.2  7288  2488  ??  Is  26Aug15  0:00.25 sshd: james@notty (sshd)
root  93209  0.0  0.2  7288  2488  ??  Is  31Aug15  0:00.56 sshd: andy@notty (sshd)
root  93754  0.0  0.2  7288  2484  ??  Is  31Aug15  0:01.00 sshd: kevinw@notty (sshd)
root  97322  0.0  0.2  7288  2484  ??  Is  31Aug15  0:00.71 sshd: andy@notty (sshd)
root  61994  0.0  0.1  2096  804  p0  R+  10:37AM  0:00.01 grep sshd
root@SRX3600-FW-1%
root@SRX3600-FW-1%

把进程杀杀杀,全部杀光:

root@SRX3600-FW-1%
root@SRX3600-FW-1% kill -9 4449
kill -9 6513
root@SRX3600-FW-1% kill -9 6513
kill -9 17193
root@SRX3600-FW-1% kill -9 17193
root@SRX3600-FW-1% kill -9 17558
root@SRX3600-FW-1% kill -9 18548
root@SRX3600-FW-1% kill -9 21354
root@SRX3600-FW-1% kill -9 21658
root@SRX3600-FW-1% kill -9 27719
root@SRX3600-FW-1% kill -9 28611
root@SRX3600-FW-1% kill -9 33524
root@SRX3600-FW-1% kill -9 36425
root@SRX3600-FW-1% kill -9 36800
root@SRX3600-FW-1%
root@SRX3600-FW-1% kill -9 42448
root@SRX3600-FW-1% kill -9 42450
root@SRX3600-FW-1% kill -9 42953
root@SRX3600-FW-1% kill -9 45193
root@SRX3600-FW-1% kill -9 47703
root@SRX3600-FW-1% kill -9 50156
root@SRX3600-FW-1% kill -9 51153
kill -9 51155
root@SRX3600-FW-1% kill -9 51155
root@SRX3600-FW-1% kill -9 54215
root@SRX3600-FW-1% kill -9 54223
root@SRX3600-FW-1% kill -9 58693
root@SRX3600-FW-1% kill -9 60181
root@SRX3600-FW-1% kill -9 60286
root@SRX3600-FW-1% kill -9 60326
root@SRX3600-FW-1% kill -9 61834
root@SRX3600-FW-1% kill -9 61981
61981: No such process
root@SRX3600-FW-1% kill -9 77273
root@SRX3600-FW-1%
root@SRX3600-FW-1% kill -9 78136
root@SRX3600-FW-1% kill -9 79456
root@SRX3600-FW-1% kill -9 80979
kill -9 93209
kill -9 93754
kill -9 97322
root@SRX3600-FW-1% kill -9 93209
root@SRX3600-FW-1% kill -9 93754
root@SRX3600-FW-1% kill -9 97322
root@SRX3600-FW-1%
root@SRX3600-FW-1%
root@SRX3600-FW-1% ps -aux | grep sshd
root   4066  0.0  0.2  7288  2488  ??  Is   9Sep15  0:00.18 sshd: james@notty (sshd)
root  56559  0.0  0.2  7288  2484  ??  Is  25Aug15  0:00.24 sshd: james@notty (sshd)
root  61910  0.0  0.2  7292  2480  ??  Ss  10:30AM  0:00.29 sshd: james@ttyp0 (sshd)
root  62018  0.0  0.2  7300  2492  ??  Ss  10:40AM  0:00.13 sshd: kevinw@ttyp1 (sshd)
root  62046  0.0  0.2  6084  2432  ??  S   10:43AM  0:00.18 sshd: nsm [priv] (sshd)
sshd  62047  0.0  0.1  5740  1192  ??  I   10:43AM  0:00.11 sshd: nsm [net] (sshd)
root  86243  0.0  0.2  7288  2488  ??  Is  26Aug15  0:00.25 sshd: james@notty (sshd)
root  62049  0.0  0.1  2168  868  p0  S+  10:43AM  0:00.01 grep sshd
root@SRX3600-FW-1% kill -9 4066
root@SRX3600-FW-1% kill -9 56559
root@SRX3600-FW-1% ps -aux | grep sshd
root  62055  0.3  0.2  6084  2432  ??  S   10:44AM  0:00.33 sshd: nsm [priv] (sshd)
root  61910  0.0  0.2  7292  2480  ??  Ss  10:30AM  0:00.30 sshd: james@ttyp0 (sshd)
root  62018  0.0  0.2  7300  2492  ??  Ss  10:40AM  0:00.17 sshd: kevinw@ttyp1 (sshd)
sshd  62056  0.0  0.1  5740  1192  ??  I   10:44AM  0:00.11 sshd: nsm [net] (sshd)
root  86243  0.0  0.2  7288  2488  ??  Is  26Aug15  0:00.25 sshd: james@notty (sshd)
root  62058  0.0  0.1  2096  740  p0  R+  10:44AM  0:00.01 grep sshd
root@SRX3600-FW-1% kill -9 86243
root@SRX3600-FW-1% ps -aux | grep sshd
root  62060 20.0  0.2  6084  2432  ??  S   10:44AM  0:00.62 sshd: nsm [priv] (sshd)
sshd  62061  5.1  0.1  5740  1192  ??  S   10:44AM  0:00.11 sshd: nsm [net] (sshd)
root  61910  0.0  0.2  7292  2480  ??  Ss  10:30AM  0:00.31 sshd: james@ttyp0 (sshd)
root  62018  0.0  0.2  7300  2492  ??  Ss  10:40AM  0:00.19 sshd: kevinw@ttyp1 (sshd)
root  62063  0.0  0.1  2124  848  p0  R+  10:44AM  0:00.01 grep sshd
root@SRX3600-FW-1%

……

杀光后,发现世界干净很多了。。^_^

{primary:node0}
james@SRX3600-FW-1> show system connections
node0:
--------------------------------------------------------------------------
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address                 Foreign Address                (state)
tcp4    0    0  10.111.141.146.55847              10.251.143.1.7804               ESTABLISHED
tcp4    0    0  10.111.141.146.56422              10.244.136.250.22               ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.30.48485              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.251.152.212.4002              ESTABLISHED
tcp4    0    0  10.111.141.146.22               10.101.149.27.9228               TIME_WAIT
tcp4    0    0  10.111.141.146.60840              10.251.139.21.23                FIN_WAIT_1
tcp4    0    0  10.111.141.146.22               10.101.149.24.23601              TIME_WAIT
tcp4    0    0  10.111.141.146.22               10.101.149.27.35025              TIME_WAIT
tcp4    0    0  129.16.0.1.51627                130.16.1.22.49713               ESTABLISHED
tcp4    0    0  129.16.0.1.51627                130.16.1.24.49713               ESTABLISHED
tcp4    0    0  129.16.0.1.51627                130.16.1.24.64910               ESTABLISHED
tcp4    0    0  129.16.0.1.51627                130.16.1.22.64910               ESTABLISHED
tcp4    0    0  129.16.0.1.51627                130.16.1.22.56881               ESTABLISHED
tcp4    0    0  129.16.0.1.51627                130.16.1.22.58046               ESTABLISHED
tcp4    0    0  129.16.0.1.51627                130.16.1.24.56881               ESTABLISHED
tcp4    0    0  129.16.0.1.51627                130.16.1.24.58046               ESTABLISHED
tcp4    0    0  129.16.0.1.51627                129.16.1.22.49713               ESTABLISHED
tcp4    0    0  129.16.0.1.51627                129.16.1.22.64910               ESTABLISHED
tcp4    0    0  129.16.0.1.51627                129.16.1.24.49713               ESTABLISHED
tcp4    0    0  129.16.0.1.51627                129.16.1.22.56881               ESTABLISHED
tcp4    0    0  129.16.0.1.51627                129.16.1.22.58046               ESTABLISHED
tcp4    0    0  129.16.0.1.51627                129.16.1.24.64910               ESTABLISHED
tcp4    0    0  129.16.0.1.51627                129.16.1.24.56881               ESTABLISHED
tcp4    0    0  129.16.0.1.51627                129.16.1.24.58046               ESTABLISHED
tcp4    0    0  *.22                      *.*                      LISTEN
tcp4    0    0  129.16.0.1.9000                129.16.0.1.61057                ESTABLISHED
tcp4    0    0  129.16.0.1.61057                129.16.0.1.9000                ESTABLISHED
tcp4    0    0  *.7000                     *.*                      LISTEN
tcp4    0    0  *.6156                     *.*                      LISTEN
tcp4    0    0  *.666                     *.*                      LISTEN
tcp4    0    0  *.6159                     *.*                      LISTEN
tcp4    0    0  129.16.0.1.9000                129.16.0.1.53096                ESTABLISHED
tcp4    0    0  129.16.0.1.53096                129.16.0.1.9000                ESTABLISHED
tcp4    0    0  *.9000                     *.*                      LISTEN
tcp4    0    0  *.51627                    *.*                      LISTEN
tcp4    0    0  *.6161                     *.*                      LISTEN
tcp4    0    0  *.31343                    *.*                      LISTEN
tcp4    0    0  *.31341                    *.*                      LISTEN
tcp4    0    0  *.2049                     *.*                      LISTEN
tcp4    0    0  *.6666                     *.*                      LISTEN
tcp4    0    0  *.830                     *.*                      LISTEN
tcp4    0    0  *.514                     *.*                      LISTEN
tcp4    0    0  *.513                     *.*                      LISTEN
tcp4    0    0  *.6234                     *.*                      LISTEN
udp4    0    0  *.49299                    *.*
udp46    0    0  *.514                     *.*
udp4    0    0  *.514                     *.*
udp4    72    0  *.55829                    *.*
udp4    0    0  129.16.0.1.123                 *.*
udp4    0    0  *.123                     *.*
udp4    0    0  *.31342                    *.*
udp46    0    0  *.64560                    *.*
udp4    0    0  10.111.141.146.64967              *.*
udp46    0    0  *.161                     *.*
udp4    0    0  *.161                     *.*
udp46    0    0  *.4500                     *.*
udp4    0    0  *.4500                     *.*
udp46    0    0  *.500                     *.*
udp4    0    0  *.500                     *.*
udp46    0    0  *.49152                    *.*
udp46    0    0  *.4784                     *.*
udp46    0    0  *.3784                     *.*
udp4    0    0  *.49152                    *.*
udp4    0    0  *.4784                     *.*
udp4    0    0  *.3784                     *.*
udp4    0    0  *.31340                    *.*
udp4    0    0  *.31340                    *.*
udp4    0    0  *.2049                     *.*
udp4    0    0  *.6666                     *.*
udp4    0    0  *.6333                     *.*
ip4     0    0  *.*                      *.*
ip4     0    0  *.*                      *.*
ip4     0    0  *.*                      *.*
ip4     0    0  *.*                      *.*
ip4     0    0  *.*                      *.*

node1:
--------------------------------------------------------------------------
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address                 Foreign Address                (state)
tcp4    0    0  *.7000                     *.*                      LISTEN
tcp4    0    0  *.9000                     *.*                      LISTEN
tcp4    0    0  *.6161                     *.*                      LISTEN
tcp4    0    0  *.31343                    *.*                      LISTEN
tcp4    0    0  *.31341                    *.*                      LISTEN
tcp4    0    0  *.2049                     *.*                      LISTEN
tcp4    0    0  *.6666                     *.*                      LISTEN
tcp4    0    0  *.830                     *.*                      LISTEN
tcp4    0    0  *.22                      *.*                      LISTEN
tcp4    0    0  *.514                     *.*                      LISTEN
tcp4    0    0  *.513                     *.*                      LISTEN
tcp4    0    0  *.6234                     *.*                      LISTEN
udp46    0    0  *.514                     *.*
udp4    0    0  *.514                     *.*
udp46    0    0  *.59430                    *.*
udp4    0    0  10.111.141.146.63851              *.*
udp4    0    0  *.31342                    *.*
udp46    0    0  *.161                     *.*
udp4    0    0  *.161                     *.*
udp46    0    0  *.49152                    *.*
udp46    0    0  *.4784                     *.*
udp46    0    0  *.3784                     *.*
udp4    0    0  *.49152                    *.*
udp4    0    0  *.4784                     *.*
udp4    0    0  *.3784                     *.*
udp4    0    0  *.31340                    *.*
udp4    0    0  *.31340                    *.*
udp4    0    0  130.16.0.1.123                 *.*
udp4    0    0  *.123                     *.*
udp4    0    0  *.2049                     *.*
udp4    0    0  *.6666                     *.*
udp4    0    0  *.6333                     *.*
ip4     0    0  *.*                      *.*
ip4     0    0  *.*                      *.*

{primary:node0}
james@SRX3600-FW-1>

另外有需要云服务器可以了解下创新互联scvps.cn,海内外云服务器15元起步,三天无理由+7*72小时售后在线,公司持有idc许可证,提供“云服务器、裸金属服务器、高防服务器、香港服务器、美国服务器、虚拟主机、免备案服务器”等云主机租用服务以及企业上云的综合解决方案,具有“安全稳定、简单易用、服务可用性高、性价比高”等特点与优势,专为企业上云打造定制,能够满足用户丰富、多元化的应用场景需求。


网站标题:JuniperSRX防火墙系统会话链接的清除-创新互联
浏览地址:http://azwzsj.com/article/hdghg.html