Can't access all outgoing connections

B

biru

hi ...
Our server is working properly as a web server, nfs for one month, but after one month of our servers can not be accessed because the server can not access the database in another machine. I can access the web server remotely using ssh, but I can not access other machines using ssh on the server. I assume the server is blocking all outgoing connections (SSH, FTP, MySQL, NFS). My question: how it could all happen?
My kernel :
Code: 
FreeBSD xxx.xxxx.com 7.0-RELEASE FreeBSD 7.0-RELEASE #1: Thu Oct  1 17:25:17 WIT 2009     
[email]xxxx@xxxxx.com[/email]:/usr/obj/usr/src/sys/PAE  i386
Sorry if my english is not good

Regards
 
Hi,

should be a problem with the link from your webserver to the databaseserver.
Can you ping from web to db and back?
Is your db running?
Did anyone activate ACL on the db server?
Are you running from start with your own kernel? Or did it start after you changed to the "homemade" kernel. you should check this on both machines.
If you are using a static webpage, does this work?
 
Hi ..

Yes I can ping from web to db server and from db to web ..
I can ssh from db to web ...but I can't ssh and other outgoing back.
My db is running well ..
Yes it works if I use static page.
I checked all log and everything is ok.
If I reboot the web server everything goes fine ..
 
But I don't want to reboot the server every time it happens.
I'm still stuck with this :(
 
Hi,

very crazy. I had never heard of this kind of behavior.
You didn't come to my question about your kernel :(

I would do the following:
1. Try it with a gerneric kernel
2. Disable ALL unwanted services
3. Check the inetd/xinetd
4. Check with "limits" for any restrictions about filesize, open files etc.
5. Is there a firewall/packetfilter in place? If yes, it can drop your connection after a few packages.
 
Hi ,
Yes I'm running from start with my own kernel
I'm use packet filter using ipfw when it happen I'm cleaning the ipfw rule using # ipfw -q flush but still can't access outgoing ssh / mysql / nfs except ping
Ok I'll try for using generic kernel and standard "limits" for any restrictions about filesize, open files etc.
Thanks for your advice.
 
You must log in or register to reply here.
Back
Top