Archive for September, 2015

Reducing TIME_WAIT sockets in Nginx and Apache

Edit /etc/sysctl.conf and add

# Enables fast recycling of TIME_WAIT sockets.
# (Use with caution according to the kernel documentation!)
net.ipv4.tcp_tw_recycle = 1

# Allow reuse of sockets in TIME_WAIT state for new connections
# only when it is safe from the network stack’s perspective.
net.ipv4.tcp_tw_reuse = 1

After this run in terminal

sysctl -p

 

PS: DO NOT USE THIS IF YOUR CLIENTS ARE BEHIND A NAT (Thanks Jero).

Advertisements

,

1 Comment

Reverse SSH, using SSH tunnel to bypass NAT

If you want to connect using SSH in a machine that is behind a NAT and have no wait to configure a port forward, here goes the way to do it.

#Execute this in machine behind NAT

ssh -o StrictHostKeyChecking=no -C -N -f -R 2222:127.0.0.1:22 user@remote_host_with_public_ip

#Execute this in server with public IP

ssh -p 2222 localhost -l root

Leave a comment

Clear iptables rules

To clear all iptables rules you can simple execute this in your terminal ( using root user)

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

Leave a comment