为什么当子进程关闭时,apache 会记录“(111)连接被拒绝”警告

为什么当子进程关闭时,apache 会记录“(111)连接被拒绝”警告

我正在运行使用 apache 的服务器,并且 apache 错误日志会定期收到此警告,通常是在访问该站点时出现,并且通常每次至少出现两到三个访问组。

[Sun Nov 22 15:23:59.570652 2015] [core:warn] [pid 4542] (111)Connection refused: AH00056: connect to listener on [::]:80

pid 4542 是 apache 的父进程。我很好奇是什么导致了这些警告,它们是否表示存在问题,以及我可以做些什么来防止它们填满 apache 错误日志。

我已经做了一些测试和研究,对可能发生的事情有一些想法。到目前为止最有用的是启用 apache 的 trace8 日志记录,它显示每个“(111)Connection denied”警告之后都会关闭一个 apache 子进程。当有一组警告时,第一个或两个警告之后会立即关闭一个 apache 子进程,然后后续警告会在关闭子进程之前延迟长达 12 秒。然后在最后一个进程关闭后的一分钟内,新的进程将打开以填补空出的位置。以下是整个过程一轮的日志摘录:

[Sun Nov 22 15:23:59.570652 2015] [core:warn] [pid 4542] (111)Connection refused: AH00056: connect to listener on [::]:80
[Sun Nov 22 15:24:01.570677 2015] [core:warn] [pid 4542] (111)Connection refused: AH00056: connect to listener on [::]:80
[Sun Nov 22 15:24:01.570721 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5760 (gen 2/slot 11) exited 
[Sun Nov 22 15:24:03.570674 2015] [core:warn] [pid 4542] (111)Connection refused: AH00056: connect to listener on [::]:80
[Sun Nov 22 15:24:05.570674 2015] [core:warn] [pid 4542] (111)Connection refused: AH00056: connect to listener on [::]:80
[Sun Nov 22 15:24:05.570712 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5762 (gen 2/slot 12) exited
[Sun Nov 22 15:24:07.570703 2015] [core:warn] [pid 4542] (111)Connection refused: AH00056: connect to listener on [::]:80
[Sun Nov 22 15:24:13.576458 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5701 (gen 2/slot 1) exited
[Sun Nov 22 15:24:14.577507 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5703 (gen 2/slot 7) exited
[Sun Nov 22 15:24:17.580632 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5712 (gen 2/slot 6) exited
[Sun Nov 22 15:24:46.608431 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5800 (gen 2/slot 1) started
[Sun Nov 22 15:24:49.611368 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5802 (gen 2/slot 6) started
[Sun Nov 22 15:26:16.699374 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5851 (gen 2/slot 7) started
[Sun Nov 22 15:26:17.701274 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5852 (gen 2/slot 11) started
[Sun Nov 22 15:26:17.701821 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5853 (gen 2/slot 12) started

根据对类似错误的阅读,我得到的印象是,警告是由于 apache 父进程(尝试)与子进程通信时出现问题而引起的。但显然通信以某种方式成功了,因为子进程正在关闭。假设这是正在发生的事情(我不确定是否如此),我仍然不确定该怎么做。

这台计算机上的网络配置似乎与此相关的一个方面是,连接是通过一个名为位掩码。它具有防火墙配置,可防止非加密数据通过网络连接泄露,如下所示:

/etc/apache2$ sudo iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
bitmask    all  --  anywhere             anywhere            

Chain bitmask (1 references)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             192.168.1.0/24      
ACCEPT     udp  --  192.168.1.0/24       anywhere             udp dpt:domain
ACCEPT     tcp  --  192.168.1.0/24       anywhere             tcp dpt:domain
RETURN     udp  --  anywhere             239.255.255.250      udp dpt:1900
RETURN     udp  --  anywhere             224.0.0.251          udp dpt:mdns
ACCEPT     all  --  anywhere             anon.riseup.net     
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

任何有助于理解和/或停止此日志警告的解释都值得赞赏。或者朝这个方向进行进一步的测试。谢谢。

相关内容