')) N20 from dualNew 1:select Utl_raw.cast_to_number (lower (' c24a23 ')) N20 from dualN20----------7334--//and the other side see the code is C248EB, obviously wrong.[Email protected]> @ r/conv_n C248ebOld 1:select Utl_raw.cast_to_number (lower (' 1 ')) N20 from dualNew 1:select Utl_raw.cast_to_number (lower (' C248eb ')) N
View the number of connections for all 80 ports
Copy Code code as follows:
Netstat-nat|grep-i "80″|wc-l
to sort the connected IP by number of connections
Copy Code code as follows:
Netstat-ntu | awk ' {print $} ' | Cut-d:-f1 | Sort | uniq-c | Sort-n
View TCP connection Status
Copy Code code as follows:
Netstat-nat |awk ' {print $} ' |sort|uniq-c|sort-rn
Netstat-n | awk '/^tcp/{++s[$NF]}; End {for (a in S) print A, s[a]} '
Netstat
delimiter are NUL, not newline-W,--check-chars=n Compare No Morethan N charactersinchLines--Help display this help and exit--version output version information and Exita field is a run of blanks (usually spaces and/or TABs), Thennon-blankcharacters. Fields is skipped before chars.Note: 'uniq' does not detect repeated lines unless they is adjacent. Want to sort The input first, or use 'sort-u' without 'Uni Q'. Also, comparisons honor the rules specified by 'lc_collate'.Cat tmp.txtaaaabbbbbb
a "\ t" COUNT [a] "\ n"} 'www.2cto.com 2. for more than 20 requests, see netstat-anlp | grep 80 | grep tcp | awk '{print $5}' | awk-F: '{print $1}' | sort | uniq-c | sort-nr | head-n20 netstat-ant | awk '/: 80/{split ($5, ip, ":"); ++ A [ip [1]} END {for (I in A) print A [I], i} '| sort-rn | head-n20 3. use tcpdump to sniff access to port 80 to see who has the highest tcpdump-I eth0-tnn dst port 80-c 1000
Linux Web Server Web site failure analysis, the specific contents are as follows
System Connection Status article:
1. View TCP connection Status
Netstat-nat |awk ' {print $} ' |sort|uniq-c|sort-rn
netstat-n | awk '/^tcp/{++s[$NF]}; End {for (a in S) print A, s[a]} ' or
netstat-n | awk '/^tcp/{++state[$NF]}; End {for (key) print key, "\ T", State[key]} '
netstat-n | awk '/^tcp/{++arr[$NF]}; End {to (k in arr) print K, "T", arr[k]} '
netstat-n |awk '/^tcp/{print $NF} ' |sort|uniq-c|sor
View the number of connections for all 80 ports Netstat-nat|grep-i "|wc-l" To sort the connected IP by number of connections Netstat-ntu | awk ' {print $} ' | Cut-d:-f1 | Sort | uniq-c | Sort-n View TCP connection Status Netstat-nat |awk ' {print $} ' |sort|uniq-c|sort-rnNetstat-n | awk '/^tcp/{++s[$NF]}; End {for (a in S) print A, s[a]} 'Netstat-n | awk '/^tcp/{++state[$NF]}; End {for (key) print key, "\ T", State[key]} 'Netstat-n | awk '/^tcp/{++arr[$NF]}; End {to (k in arr) print K, "\ T", ar
1388个并发请求, this value Apache can be adjusted automatically according to the load condition.Netstat-nat|grep-i "|wc-l"#4341#netstat-an will print the current network link state of the system, and Grep-i "80" is used to extract connections related to port 80, wc-l count the number of connections.#最终返回的数字就是当前所有80端口的请求总数.Netstat-na|grep established|wc-l#376#netstat-an Prints the current network link state of the system, and grep established extracts the information that has been established for the
, trillion thorn?/p>
-P Displays the name of the program that establishes the associated link-R Displays routing information, routing table-e display extended information, such as UID, etc.-S statistics according to each protocol-C executes the netstat command at every other fixed time.
Hint: The status of listen and listening can only be seen with-a or-l
Example
First, view the number of connections for port 80
Netstat-nat|grep-i "|wc-l"
Second, the number of connected IP to sort
Netstat-
Linux DDOS and CC attack SolutionBackgroundNowadays, DDOS attacks are becoming more and more frequent. DDOS Denial-of-Service can be implemented without any technology. Some webmasters often report mysql 1040 errors on their websites, and their online users are less than one thousand, mysql configuration is fine. Generally, you need to pay attention to this situation. Your website may be attacked by CC attacks. Solutions and ideas CC attack defense measures, since the system is centos, run the f
: '{print $1}'|sort|uniq -c|sort -nr|head -n20netstat -ant |awk '/:80/{split($5,ip,":");++A[ip[1]]}END{for(i in A) print A,i}' |sort -rn|head -n20
3. Use tcpdump to sniff access to port 80 to see who is the highest
tcpdump -i eth0 -tnn dst port 80 -c 1000 | awk -F"." '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -nr |head -20
4. Search for more time_wait connections
netstat -n|grep TIME_WAIT|awk '{print $5}'|sort|uniq -c|sort -rn|head -
{16 int I;17 long result = 0;18 For (I = 1; I 19 {20 result + = I;(GDB) break 16 Breakpoint 1 at 0x8048496: file TST. C, line 16.(GDB) Break func Breakpoint 2 at 0x8048456: file TST. C, line 5.(GDB) info break Num type disp ENB address what1 breakpoint keep Y 0x08048496 in main at TST. C: 162 breakpoint keep Y 0x08048456 in func at TST. C: 5(GDB) r Starting program:/home/hchen/test/TST
Breakpoint 1, main () at TST. C: 17 17 long result = 0;(GDB) n 18 For (I = 1; I (GDB)
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.