RouterOS一直开着但发现内存越来越少，怎么回事啊？

sinexe · 发表于 2005-2-3 08:24:52

马上注册，结交更多好友，享用更多功能，让你轻松玩转社区。

您需要登录才可以下载或查看，没有账号？注册

×

如题

mrmx · 发表于 2005-2-3 08:48:10

缓存啦，为了更快捷的解析 DNS 等等

sinexe · 发表于 2005-2-3 09:13:28

我内存消耗了近100M了，dns不会这样吧

alexhj · 发表于 2005-2-3 09:48:54

定期重启一下呗

parphy · 发表于 2005-2-3 10:37:16

这一点，ROS的确做的不如PIX好，PIX的内存释放搞的比较好（但遇到病毒攻击也还有内存方面的问题）。防火墙的连接表都是放在内存中的。正确做法是：ip firewall connection tracking> /ip firewall connection tracking set tcp-established-timeout=6h还有一个技巧，当受到病毒攻击后，MEM的使用可能会一直降不下来可以更改一下tcp-established-timeout值，过段时间就会下来了。

sblive · 发表于 2005-2-3 10:47:23

楼上的这句命令是什么意思啊？能否解释一下？

bow · 发表于 2005-2-3 11:17:46

ROS里Tcp默认的生存时间是120小时,我改成24小时了.

Horseman · 发表于 2005-2-3 13:45:35

我的也是，CPU占用很高，内存一点一点减少，最后就不转发包了，只得重启，内网经常有机器向路由的135,139,445等端口发送SYN数据包，我在firewall里都给drop掉了，可是没有用。

Horseman · 发表于 2005-2-3 14:00:41

feb/03/2005 13:56:45 forward->DROP, in:LAN, out:ADSL, prot TCP (SYN), 192.168.0.18:3499->192.42.6.253:135, len 48 feb/03/2005 13:56:45 forward->DROP, in:LAN, out:ADSL, prot TCP (SYN), 192.168.0.18:3501->192.42.6.253:445, len 48 feb/03/2005 13:56:45 forward->DROP, in:LAN, out:ADSL, prot TCP (SYN), 192.168.0.18:3512->192.249.196.70:135, len 48 feb/03/2005 13:56:45 forward->DROP, in:LAN, out:ADSL, prot TCP (SYN), 192.168.0.18:3514->192.249.196.70:445, len 48 feb/03/2005 13:56:45 forward->DROP, in:LAN, out:ADSL, prot TCP (SYN), 192.168.0.18:3516->192.249.196.70:139, len 48 feb/03/2005 13:56:45 forward->DROP, in:LAN, out:ADSL, prot TCP (SYN), 192.168.0.18:3195->192.168.195.102:135, len 48 feb/03/2005 13:57:00 input->DROP, in:lo, out:(local), prot ICMP (type 3, code 3), 127.0.0.1->127.0.0.1, len 100 feb/03/2005 13:57:00 input->DROP, in:lo, out:(local), prot ICMP (type 3, code 3), 127.0.0.1->127.0.0.1, len 100 feb/03/2005 13:57:05 input->DROP, in:lo, out:(local), prot ICMP (type 3, code 3), 127.0.0.1->127.0.0.1, len 100 feb/03/2005 13:57:05 input->DROP, in:lo, out:(local), prot ICMP (type 3, code 3), 127.0.0.1->127.0.0.1, len 100 feb/03/2005 13:57:06 input->DROP, in:ADSL, out:(local), prot TCP (SYN), 218.27.42.235:4445->218.27.158.198:139, len 48 feb/03/2005 13:57:09 input->DROP, in:ADSL, out:(local), prot TCP (SYN), 218.27.42.235:4445->218.27.158.198:139, len 48 feb/03/2005 13:57:10 input->DROP, in:lo, out:(local), prot ICMP (type 3, code 3), 127.0.0.1->127.0.0.1, len 82 feb/03/2005 13:57:10 input->DROP, in:lo, out:(local), prot ICMP (type 3, code 3), 127.0.0.1->127.0.0.1, len 82 feb/03/2005 13:57:15 input->DROP, in:lo, out:(local), prot ICMP (type 3, code 3), 127.0.0.1->127.0.0.1, len 82 feb/03/2005 13:57:15 input->DROP, in:lo, out:(local), prot ICMP (type 3, code 3), 127.0.0.1->127.0.0.1, len 82 feb/03/2005 13:57:51 input->DROP, in:ADSL, out:(local), prot TCP (SYN), 218.27.64.141:2542->218.27.158.198:139, len 48 feb/03/2005 13:57:54 input->DROP, in:ADSL, out:(local), prot TCP (SYN), 218.27.64.141:2542->218.27.158.198:139, len 48 feb/03/2005 13:58:04 input->DROP, in:ADSL, out:(local), prot TCP (SYN), 218.27.156.69:2984->218.27.158.198:135, len 48 feb/03/2005 13:58:07 input->DROP, in:ADSL, out:(local), prot TCP (SYN), 218.27.156.69:2984->218.27.158.198:135, len 48 feb/03/2005 13:58:13 input->DROP, in:ADSL, out:(local), prot TCP (SYN), 218.27.157.200:3773->218.27.158.198:445, len 48 feb/03/2005 13:58:16 input->DROP, in:ADSL, out:(local), prot TCP (SYN), 218.27.157.200:3773->218.27.158.198:445, len 48 feb/03/2005 13:58:31 input->DROP, in:ADSL, out:(local), prot TCP (SYN), 218.27.42.23:4446->218.27.158.198:139, len 48 feb/03/2005 13:58:34 input->DROP, in:ADSL, out:(local), prot TCP (SYN), 218.27.42.23:4446->218.27.158.198:139, len 48 feb/03/2005 13:58:47 input->DROP, in:ADSL, out:(local), prot TCP (SYN), 218.27.157.134:4431->218.27.158.198:135, len 48 feb/03/2005 13:58:50 input->DROP, in:ADSL, out:(local), prot TCP (SYN), 218.27.157.134:4431->218.27.158.198:135, len 48 feb/03/2005 13:58:57 input->DROP, in:ADSL, out:(local), prot TCP (SYN), 218.27.85.202:3833->218.27.158.198:139, len 48 feb/03/2005 13:59:00 input->DROP, in:ADSL, out:(local), prot TCP (SYN), 218.27.85.202:3833->218.27.158.198:139, len 48 feb/03/2005 13:59:59 user admin logged in via console feb/03/2005 14:00:11 input->DROP, in:ADSL, out:(local), prot TCP (SYN), 218.27.41.43:3313->218.27.158.198:139, len 48 feb/03/2005 14:00:13 input->DROP, in:ADSL, out:(local), prot TCP (SYN), 218.27.41.43:3313->218.27.158.198:139, len 48 feb/03/2005 14:03:04 input->DROP, in:ADSL, out:(local), prot TCP (SYN), 218.27.59.148:2542->218.27.158.198:139, len 48

7up13 · 发表于 2005-2-3 17:27:47

内存和CPU占用是在那里看的？

Horseman · 发表于 2005-2-4 11:50:25

QUOTE (parphy @ Feb 3 2005, 10:37 AM)
这一点，ROS的确做的不如PIX好，PIX的内存释放搞的比较好（但遇到病毒攻击也还有内存方面的问题）。防火墙的连接表都是放在内存中的。正确做法是：ip firewall connection tracking> /ip firewall connection tracking set tcp-established-timeout=6h还有一个技巧，当受到病毒攻击后，MEM的使用可能会一直降不下来可以更改一下tcp-established-timeout值，过段时间就会下来了。
如何更改呀？我在我的ROS里找不到这条命令！

账号		自动登录	找回密码
密码			注册

[其它] RouterOS一直开着但发现内存越来越少，怎么回事啊？

马上注册，结交更多好友，享用更多功能，让你轻松玩转社区。