我正在运行使用 apache 的服务器,并且 apache 错误日志会定期收到此警告,通常是在访问该站点时出现,并且通常每次至少出现两到三个访问组。
[Sun Nov 22 15:23:59.570652 2015] [core:warn] [pid 4542] (111)Connection refused: AH00056: connect to listener on [::]:80
pid 4542 是 apache 的父进程。我很好奇是什么导致了这些警告,它们是否表示存在问题,以及我可以做些什么来防止它们填满 apache 错误日志。
我已经做了一些测试和研究,对可能发生的事情有一些想法。到目前为止最有用的是启用 apache 的 trace8 日志记录,它显示每个“(111)Connection denied”警告之后都会关闭一个 apache 子进程。当有一组警告时,第一个或两个警告之后会立即关闭一个 apache 子进程,然后后续警告会在关闭子进程之前延迟长达 12 秒。然后在最后一个进程关闭后的一分钟内,新的进程将打开以填补空出的位置。以下是整个过程一轮的日志摘录:
[Sun Nov 22 15:23:59.570652 2015] [core:warn] [pid 4542] (111)Connection refused: AH00056: connect to listener on [::]:80
[Sun Nov 22 15:24:01.570677 2015] [core:warn] [pid 4542] (111)Connection refused: AH00056: connect to listener on [::]:80
[Sun Nov 22 15:24:01.570721 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5760 (gen 2/slot 11) exited
[Sun Nov 22 15:24:03.570674 2015] [core:warn] [pid 4542] (111)Connection refused: AH00056: connect to listener on [::]:80
[Sun Nov 22 15:24:05.570674 2015] [core:warn] [pid 4542] (111)Connection refused: AH00056: connect to listener on [::]:80
[Sun Nov 22 15:24:05.570712 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5762 (gen 2/slot 12) exited
[Sun Nov 22 15:24:07.570703 2015] [core:warn] [pid 4542] (111)Connection refused: AH00056: connect to listener on [::]:80
[Sun Nov 22 15:24:13.576458 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5701 (gen 2/slot 1) exited
[Sun Nov 22 15:24:14.577507 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5703 (gen 2/slot 7) exited
[Sun Nov 22 15:24:17.580632 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5712 (gen 2/slot 6) exited
[Sun Nov 22 15:24:46.608431 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5800 (gen 2/slot 1) started
[Sun Nov 22 15:24:49.611368 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5802 (gen 2/slot 6) started
[Sun Nov 22 15:26:16.699374 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5851 (gen 2/slot 7) started
[Sun Nov 22 15:26:17.701274 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5852 (gen 2/slot 11) started
[Sun Nov 22 15:26:17.701821 2015] [core:trace4] [pid 4542] mpm_common.c(534): mpm child 5853 (gen 2/slot 12) started
根据对类似错误的阅读,我得到的印象是,警告是由于 apache 父进程(尝试)与子进程通信时出现问题而引起的。但显然通信以某种方式成功了,因为子进程正在关闭。假设这是正在发生的事情(我不确定是否如此),我仍然不确定该怎么做。
这台计算机上的网络配置似乎与此相关的一个方面是,连接是通过一个名为位掩码。它具有防火墙配置,可防止非加密数据通过网络连接泄露,如下所示:
/etc/apache2$ sudo iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
bitmask all -- anywhere anywhere
Chain bitmask (1 references)
target prot opt source destination
ACCEPT all -- anywhere 192.168.1.0/24
ACCEPT udp -- 192.168.1.0/24 anywhere udp dpt:domain
ACCEPT tcp -- 192.168.1.0/24 anywhere tcp dpt:domain
RETURN udp -- anywhere 239.255.255.250 udp dpt:1900
RETURN udp -- anywhere 224.0.0.251 udp dpt:mdns
ACCEPT all -- anywhere anon.riseup.net
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
任何有助于理解和/或停止此日志警告的解释都值得赞赏。或者朝这个方向进行进一步的测试。谢谢。