Juniper SRX防火墙系统会话链接的清除 / 憋错料

Juniper SRX防火墙系统会话链接的清除

维护Juniper防火墙SRX系列防火墙，一段时间后，发现防火墙老是有时候登录不上去，有时候可以登录。

查看用户的时候，发现，系统挂了很多连接会话，怪不得老是无法登录，资料被消耗了。

用户并不多：

{primary:node0}
[email protected]> show system users
node0:
--------------------------------------------------------------------------
3:58PM up 648 days, 15:42, 3 users, load averages: 0.27, 0.19, 0.14
USER TTY FROM [email protected] IDLE WHAT
james p0 10.251.152.212 2:42PM 1:07 ssh 10.244.136
james p1 10.251.152.212 3:53PM - -cli (cli)

node1:
--------------------------------------------------------------------------
3:58PM up 40 days, 10 hrs, 0 users, load averages: 0.17, 0.19, 0.12

连接数倒是很多。。。

[email protected]> show system connections | match 10.111.141.146.22
tcp4 0 0 10.111.141.146.22 10.251.152.212.1669 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.251.152.212.1281 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.27.46565 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.24.40582 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.30.3102 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.30.27496 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.30.22894 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.30.22890 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.30.21030 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.30.25413 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.24.51123 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.27.59378 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.26.40712 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.27.9228 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.26.7785 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.27.27143 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.27.46143 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.28.9249 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.24.19977 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.30.54018 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.24.37582 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.28.39697 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.30.51267 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.30.28047 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.30.36206 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.26.12024 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.28.19595 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.27.32237 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.28.62761 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.28.8727 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.28.57345 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.24.7457 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.28.60782 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.30.50150 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.24.23601 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.30.54827 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.28.51074 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.27.35025 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.26.13587 ESTABLISHED

登录查看是那些进程：

[email protected]% ps -aux | grep sshd
root 61980 0.1 0.2 6084 2432 ?? S 10:37AM 0:00.30 sshd: nsm [priv] (sshd)
root 3740 0.0 0.2 7288 2484 ?? Is 9Sep15 0:00.76 sshd: [email protected] (sshd)
root 3791 0.0 0.2 7288 2484 ?? Is 9Sep15 0:00.50 sshd: [email protected] (sshd)
root 4066 0.0 0.2 7288 2488 ?? Is 9Sep15 0:00.18 sshd: [email protected] (sshd)
root 4449 0.0 0.2 7288 2484 ?? Is 9Sep15 0:00.38 sshd: [email protected] (sshd)
root 6513 0.0 0.2 7288 2484 ?? Is 1Sep15 0:00.29 sshd: [email protected] (sshd)
root 17193 0.0 0.2 7288 2484 ?? Is 1Sep15 0:00.29 sshd: [email protected] (sshd)
root 17558 0.0 0.2 7288 2484 ?? Is Mon02PM 0:00.26 sshd: [email protected] (sshd)
root 18548 0.0 0.2 7288 2484 ?? Is Mon03PM 0:00.16 sshd: [email protected] (sshd)
root 21354 0.0 0.2 7288 2484 ?? Is 1Sep15 0:00.41 sshd: [email protected] (sshd)
root 21658 0.0 0.2 7288 2484 ?? Is 1Sep15 0:00.25 sshd: [email protected] (sshd)
root 27719 0.0 0.2 7288 2484 ?? Is 28Aug15 0:00.39 sshd: [email protected] (sshd)
root 28611 0.0 0.2 7288 2484 ?? Is Thu04PM 0:00.23 sshd: [email protected] (sshd)
root 33524 0.0 0.2 7288 2484 ?? Is 24Aug15 0:00.19 sshd: [email protected] (sshd)
root 36425 0.0 0.2 7288 2484 ?? Is 6Sep15 0:00.26 sshd: [email protected] (sshd)
root 36800 0.0 0.2 7288 2484 ?? Is 6Sep15 0:00.27 sshd: [email protected] (sshd)
root 42448 0.0 0.2 7300 2496 ?? Is Tue03PM 0:00.13 sshd: [email protected] (sshd)
root 42450 0.0 0.2 7300 2496 ?? Is Tue03PM 0:00.13 sshd: [email protected] (sshd)
root 42953 0.0 0.2 7300 2496 ?? Is Tue04PM 0:00.31 sshd: [email protected] (sshd)
root 45193 0.0 0.2 7288 2484 ?? Is 2Sep15 0:00.62 sshd: [email protected] (sshd)
root 47703 0.0 0.2 7288 2484 ?? Is Fri12PM 0:00.83 sshd: [email protected] (sshd)
root 50156 0.0 0.2 7300 2496 ?? Is Wed09AM 0:00.13 sshd: [email protected] (sshd)
root 51153 0.0 0.2 7300 2496 ?? Is 11:24AM 0:00.13 sshd: [email protected] (sshd)
root 51155 0.0 0.2 7300 2496 ?? Is 11:24AM 0:00.13 sshd: [email protected] (sshd)
root 54215 0.0 0.2 7300 2496 ?? Is 5:09PM 0:00.13 sshd: [email protected] (sshd)
root 54223 0.0 0.2 7300 2496 ?? Is 5:10PM 0:00.13 sshd: [email protected] (sshd)
root 56559 0.0 0.2 7288 2484 ?? Is 25Aug15 0:00.24 sshd: [email protected] (sshd)
root 58693 0.0 0.2 7288 2484 ?? Is 7Sep15 0:00.70 sshd: [email protected] (sshd)
root 60181 0.0 0.2 7288 2484 ?? Is 7Sep15 0:00.31 sshd: [email protected] (sshd)
root 60286 0.0 0.2 7288 2484 ?? Is 7Sep15 0:00.21 sshd: [email protected] (sshd)
root 60326 0.0 0.2 7288 2484 ?? Is 7Sep15 0:00.19 sshd: [email protected] (sshd)
root 61834 0.0 0.2 7288 2484 ?? Is 25Aug15 0:00.37 sshd: [email protected] (sshd)
root 61910 0.0 0.2 7292 2480 ?? Ss 10:30AM 0:00.22 sshd: [email protected] (sshd)
sshd 61981 0.0 0.1 5740 1192 ?? I 10:37AM 0:00.11 sshd: nsm [net] (sshd)
root 77273 0.0 0.2 7288 2484 ?? Is 8Sep15 0:00.30 sshd: [email protected] (sshd)
root 78136 0.0 0.2 7288 2484 ?? Is 8Sep15 0:00.86 sshd: [email protected] (sshd)
root 79456 0.0 0.4 8512 3692 ?? Is 26Aug15 0:01.69 sshd: [email protected] (sshd)
root 80979 0.0 0.2 7288 2480 ?? Is 8Sep15 0:01.87 sshd: [email protected] (sshd)
root 86243 0.0 0.2 7288 2488 ?? Is 26Aug15 0:00.25 sshd: [email protected] (sshd)
root 93209 0.0 0.2 7288 2488 ?? Is 31Aug15 0:00.56 sshd: [email protected] (sshd)
root 93754 0.0 0.2 7288 2484 ?? Is 31Aug15 0:01.00 sshd: [email protected] (sshd)
root 97322 0.0 0.2 7288 2484 ?? Is 31Aug15 0:00.71 sshd: [email protected] (sshd)
root 61994 0.0 0.1 2096 804 p0 R+ 10:37AM 0:00.01 grep sshd
[email protected]%
[email protected]%

把进程杀杀杀，全部杀光：

[email protected]%
[email protected]% kill -9 4449
kill -9 6513
[email protected]% kill -9 6513
kill -9 17193
[email protected]% kill -9 17193
[email protected]% kill -9 17558
[email protected]% kill -9 18548
[email protected]% kill -9 21354
[email protected]% kill -9 21658
[email protected]% kill -9 27719
[email protected]% kill -9 28611
[email protected]% kill -9 33524
[email protected]% kill -9 36425
[email protected]% kill -9 36800
[email protected]%
[email protected]% kill -9 42448
[email protected]% kill -9 42450
[email protected]% kill -9 42953
[email protected]% kill -9 45193
[email protected]% kill -9 47703
[email protected]% kill -9 50156
[email protected]% kill -9 51153
kill -9 51155
[email protected]% kill -9 51155
[email protected]% kill -9 54215
[email protected]% kill -9 54223
[email protected]% kill -9 58693
[email protected]% kill -9 60181
[email protected]% kill -9 60286
[email protected]% kill -9 60326
[email protected]% kill -9 61834
[email protected]% kill -9 61981
61981: No such process
[email protected]% kill -9 77273
[email protected]%
[email protected]% kill -9 78136
[email protected]% kill -9 79456
[email protected]% kill -9 80979
kill -9 93209
kill -9 93754
kill -9 97322
[email protected]% kill -9 93209
[email protected]% kill -9 93754
[email protected]% kill -9 97322
[email protected]%
[email protected]%
[email protected]% ps -aux | grep sshd
root 4066 0.0 0.2 7288 2488 ?? Is 9Sep15 0:00.18 sshd: [email protected] (sshd)
root 56559 0.0 0.2 7288 2484 ?? Is 25Aug15 0:00.24 sshd: [email protected] (sshd)
root 61910 0.0 0.2 7292 2480 ?? Ss 10:30AM 0:00.29 sshd: [email protected] (sshd)
root 62018 0.0 0.2 7300 2492 ?? Ss 10:40AM 0:00.13 sshd: [email protected] (sshd)
root 62046 0.0 0.2 6084 2432 ?? S 10:43AM 0:00.18 sshd: nsm [priv] (sshd)
sshd 62047 0.0 0.1 5740 1192 ?? I 10:43AM 0:00.11 sshd: nsm [net] (sshd)
root 86243 0.0 0.2 7288 2488 ?? Is 26Aug15 0:00.25 sshd: [email protected] (sshd)
root 62049 0.0 0.1 2168 868 p0 S+ 10:43AM 0:00.01 grep sshd
[email protected]% kill -9 4066
[email protected]% kill -9 56559
[email protected]% ps -aux | grep sshd
root 62055 0.3 0.2 6084 2432 ?? S 10:44AM 0:00.33 sshd: nsm [priv] (sshd)
root 61910 0.0 0.2 7292 2480 ?? Ss 10:30AM 0:00.30 sshd: [email protected] (sshd)
root 62018 0.0 0.2 7300 2492 ?? Ss 10:40AM 0:00.17 sshd: [email protected] (sshd)
sshd 62056 0.0 0.1 5740 1192 ?? I 10:44AM 0:00.11 sshd: nsm [net] (sshd)
root 86243 0.0 0.2 7288 2488 ?? Is 26Aug15 0:00.25 sshd: [email protected] (sshd)
root 62058 0.0 0.1 2096 740 p0 R+ 10:44AM 0:00.01 grep sshd
[email protected]% kill -9 86243
[email protected]% ps -aux | grep sshd
root 62060 20.0 0.2 6084 2432 ?? S 10:44AM 0:00.62 sshd: nsm [priv] (sshd)
sshd 62061 5.1 0.1 5740 1192 ?? S 10:44AM 0:00.11 sshd: nsm [net] (sshd)
root 61910 0.0 0.2 7292 2480 ?? Ss 10:30AM 0:00.31 sshd: [email protected] (sshd)
root 62018 0.0 0.2 7300 2492 ?? Ss 10:40AM 0:00.19 sshd: [email protected] (sshd)
root 62063 0.0 0.1 2124 848 p0 R+ 10:44AM 0:00.01 grep sshd
[email protected]%

……

杀光后，发现世界干净很多了。。^_^

{primary:node0}
[email protected]> show system connections
node0:
--------------------------------------------------------------------------
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 0 10.111.141.146.55847 10.251.143.1.7804 ESTABLISHED
tcp4 0 0 10.111.141.146.56422 10.244.136.250.22 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.30.48485 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.251.152.212.4002 ESTABLISHED
tcp4 0 0 10.111.141.146.22 10.101.149.27.9228 TIME_WAIT
tcp4 0 0 10.111.141.146.60840 10.251.139.21.23 FIN_WAIT_1
tcp4 0 0 10.111.141.146.22 10.101.149.24.23601 TIME_WAIT
tcp4 0 0 10.111.141.146.22 10.101.149.27.35025 TIME_WAIT
tcp4 0 0 129.16.0.1.51627 130.16.1.22.49713 ESTABLISHED
tcp4 0 0 129.16.0.1.51627 130.16.1.24.49713 ESTABLISHED
tcp4 0 0 129.16.0.1.51627 130.16.1.24.64910 ESTABLISHED
tcp4 0 0 129.16.0.1.51627 130.16.1.22.64910 ESTABLISHED
tcp4 0 0 129.16.0.1.51627 130.16.1.22.56881 ESTABLISHED
tcp4 0 0 129.16.0.1.51627 130.16.1.22.58046 ESTABLISHED
tcp4 0 0 129.16.0.1.51627 130.16.1.24.56881 ESTABLISHED
tcp4 0 0 129.16.0.1.51627 130.16.1.24.58046 ESTABLISHED
tcp4 0 0 129.16.0.1.51627 129.16.1.22.49713 ESTABLISHED
tcp4 0 0 129.16.0.1.51627 129.16.1.22.64910 ESTABLISHED
tcp4 0 0 129.16.0.1.51627 129.16.1.24.49713 ESTABLISHED
tcp4 0 0 129.16.0.1.51627 129.16.1.22.56881 ESTABLISHED
tcp4 0 0 129.16.0.1.51627 129.16.1.22.58046 ESTABLISHED
tcp4 0 0 129.16.0.1.51627 129.16.1.24.64910 ESTABLISHED
tcp4 0 0 129.16.0.1.51627 129.16.1.24.56881 ESTABLISHED
tcp4 0 0 129.16.0.1.51627 129.16.1.24.58046 ESTABLISHED
tcp4 0 0 *.22 *.* LISTEN
tcp4 0 0 129.16.0.1.9000 129.16.0.1.61057 ESTABLISHED
tcp4 0 0 129.16.0.1.61057 129.16.0.1.9000 ESTABLISHED
tcp4 0 0 *.7000 *.* LISTEN
tcp4 0 0 *.6156 *.* LISTEN
tcp4 0 0 *.666 *.* LISTEN
tcp4 0 0 *.6159 *.* LISTEN
tcp4 0 0 129.16.0.1.9000 129.16.0.1.53096 ESTABLISHED
tcp4 0 0 129.16.0.1.53096 129.16.0.1.9000 ESTABLISHED
tcp4 0 0 *.9000 *.* LISTEN
tcp4 0 0 *.51627 *.* LISTEN
tcp4 0 0 *.6161 *.* LISTEN
tcp4 0 0 *.31343 *.* LISTEN
tcp4 0 0 *.31341 *.* LISTEN
tcp4 0 0 *.2049 *.* LISTEN
tcp4 0 0 *.6666 *.* LISTEN
tcp4 0 0 *.830 *.* LISTEN
tcp4 0 0 *.514 *.* LISTEN
tcp4 0 0 *.513 *.* LISTEN
tcp4 0 0 *.6234 *.* LISTEN
udp4 0 0 *.49299 *.*
udp46 0 0 *.514 *.*
udp4 0 0 *.514 *.*
udp4 72 0 *.55829 *.*
udp4 0 0 129.16.0.1.123 *.*
udp4 0 0 *.123 *.*
udp4 0 0 *.31342 *.*
udp46 0 0 *.64560 *.*
udp4 0 0 10.111.141.146.64967 *.*
udp46 0 0 *.161 *.*
udp4 0 0 *.161 *.*
udp46 0 0 *.4500 *.*
udp4 0 0 *.4500 *.*
udp46 0 0 *.500 *.*
udp4 0 0 *.500 *.*
udp46 0 0 *.49152 *.*
udp46 0 0 *.4784 *.*
udp46 0 0 *.3784 *.*
udp4 0 0 *.49152 *.*
udp4 0 0 *.4784 *.*
udp4 0 0 *.3784 *.*
udp4 0 0 *.31340 *.*
udp4 0 0 *.31340 *.*
udp4 0 0 *.2049 *.*
udp4 0 0 *.6666 *.*
udp4 0 0 *.6333 *.*
ip4 0 0 *.* *.*
ip4 0 0 *.* *.*
ip4 0 0 *.* *.*
ip4 0 0 *.* *.*
ip4 0 0 *.* *.*

node1:
--------------------------------------------------------------------------
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 0 *.7000 *.* LISTEN
tcp4 0 0 *.9000 *.* LISTEN
tcp4 0 0 *.6161 *.* LISTEN
tcp4 0 0 *.31343 *.* LISTEN
tcp4 0 0 *.31341 *.* LISTEN
tcp4 0 0 *.2049 *.* LISTEN
tcp4 0 0 *.6666 *.* LISTEN
tcp4 0 0 *.830 *.* LISTEN
tcp4 0 0 *.22 *.* LISTEN
tcp4 0 0 *.514 *.* LISTEN
tcp4 0 0 *.513 *.* LISTEN
tcp4 0 0 *.6234 *.* LISTEN
udp46 0 0 *.514 *.*
udp4 0 0 *.514 *.*
udp46 0 0 *.59430 *.*
udp4 0 0 10.111.141.146.63851 *.*
udp4 0 0 *.31342 *.*
udp46 0 0 *.161 *.*
udp4 0 0 *.161 *.*
udp46 0 0 *.49152 *.*
udp46 0 0 *.4784 *.*
udp46 0 0 *.3784 *.*
udp4 0 0 *.49152 *.*
udp4 0 0 *.4784 *.*
udp4 0 0 *.3784 *.*
udp4 0 0 *.31340 *.*
udp4 0 0 *.31340 *.*
udp4 0 0 130.16.0.1.123 *.*
udp4 0 0 *.123 *.*
udp4 0 0 *.2049 *.*
udp4 0 0 *.6666 *.*
udp4 0 0 *.6333 *.*
ip4 0 0 *.* *.*
ip4 0 0 *.* *.*

{primary:node0}
[email protected]>

时间： 2024-11-08 23:22:51

Juniper SRX防火墙系统会话链接的清除

Juniper SRX防火墙系统会话链接的清除的相关文章

Juniper SRX防火墙HA配置

Juniper srx防火墙NAT配置

juniper SRX防火墙NAT测试

Juniper SRX防火墙-NAT学习笔记！

juniper SRX防火墙DHCP配置

Juniper SRX(Junos)配置拨号VPN （Dynamic VPN）

查看Juniper SRX系列防火墙的系统相关限制（Policy策略最大数、NAT最大数等）

JUNIPER SRX系列防火墙（JUNOS12.1）HA配置说明

Juniper老司机经验谈（SRX防火墙NAT与策略篇）视频课程上线了