I noticed that a lot of apache sessions were showing with the status of '...reading...'.
If I checked the source of these, they were all coming from one IP address.
I therefore used the following command:
iptables -I INPUT -s XXX.XXX.XXX.XXX -j DROP (where XXX.XXX.XXX.XXX is the IP address)
However, after doing this, and running the following command:
tail -f /usr/local/apache/logs/access_log
I still get new entries showing as:
XXX.XXX.XXX.XXX - - [09/Jun/2006:21:05:15 +0100] "-" 408 -
XXX.XXX.XXX.XXX - - [09/Jun/2006:21:05:26 +0100] "-" 408 -
XXX.XXX.XXX.XXX - - [09/Jun/2006:21:06:02 +0100] "-" 408 -
XXX.XXX.XXX.XXX - - [09/Jun/2006:21:06:15 +0100] "-" 408 -
XXX.XXX.XXX.XXX - - [09/Jun/2006:21:06:26 +0100] "-" 408 -
Any ideas ???
Will entries in the iptables table automatically be saved on updates, reboots, etc ?
Thanks again,
Daniel
If I checked the source of these, they were all coming from one IP address.
I therefore used the following command:
iptables -I INPUT -s XXX.XXX.XXX.XXX -j DROP (where XXX.XXX.XXX.XXX is the IP address)
However, after doing this, and running the following command:
tail -f /usr/local/apache/logs/access_log
I still get new entries showing as:
XXX.XXX.XXX.XXX - - [09/Jun/2006:21:05:15 +0100] "-" 408 -
XXX.XXX.XXX.XXX - - [09/Jun/2006:21:05:26 +0100] "-" 408 -
XXX.XXX.XXX.XXX - - [09/Jun/2006:21:06:02 +0100] "-" 408 -
XXX.XXX.XXX.XXX - - [09/Jun/2006:21:06:15 +0100] "-" 408 -
XXX.XXX.XXX.XXX - - [09/Jun/2006:21:06:26 +0100] "-" 408 -
Any ideas ???
Will entries in the iptables table automatically be saved on updates, reboots, etc ?
Thanks again,
Daniel