How can a website/browser change internal Linux connection settings?
Forum rules
Please keep everything here strictly on-topic.
This board is meant for Pale Moon source code development related subjects only like code snippets, patches, specific bugs, git, the repositories, etc.
This is not for tech support! Please do not post tech support questions in the "Development" board!
Please make sure not to use this board for support questions. Please post issues with specific websites, extensions, etc. in the relevant boards for those topics.
Please keep things on-topic as this forum will be used for reference for Pale Moon development. Expect topics that aren't relevant as such to be moved or deleted.
Please keep everything here strictly on-topic.
This board is meant for Pale Moon source code development related subjects only like code snippets, patches, specific bugs, git, the repositories, etc.
This is not for tech support! Please do not post tech support questions in the "Development" board!
Please make sure not to use this board for support questions. Please post issues with specific websites, extensions, etc. in the relevant boards for those topics.
Please keep things on-topic as this forum will be used for reference for Pale Moon development. Expect topics that aren't relevant as such to be moved or deleted.
-
- Moon lover
- Posts: 85
- Joined: 2019-02-06, 09:13
How can a website/browser change internal Linux connection settings?
More frequently these days, common websites run scripts which may be unsupported on older Palemoon, but do not cause immediate problems. Sometime later, ethernet connections begin to time out, but Linux (32bit Ubunctu 16.04-based memory-resident using 4.4.95 kernel) thinks it is still connected, forever. (The "tray" "connected" icon with its active interface info for eth0, and the ipinfo -a command show the exact same information as when the connection is working.)
Rebooting always cures the problem and it doesn't reoccur if only known-good websites/SSH connections are accessed.
It it not a DNS problem because both numerical http and numerical ping (to addresses both on the local-network and external internet) are affected. Attempted connections simply time out, rather than getting a "no path to host" error message.
The idle time between successful http(s) access and finding no-connection can be 5 minutes to 6hrs. However, in one case at USPS Global Payments (pay.usps.com/pay/checkout.html.?) the connection was lost during their processing; the first step (as shown in the PaleMoon status bar) took about 5 minutes, then the next step took forever, with only 1/2 hour total time since booting. After rebooting, each step took 2-3 seconds and no problem was noted, so the problem could have been started at a previous site.
This issue is frequently discovered when an SSH session doesn't respond within 1 second, and is confirmed when ping doesn't connect to the local gateway (192.168.86.1). However in one case http stopped responding, ping confirmed no connection, but an existing SSH connection continued working for >20 minutes before rebooting.
This is not a "support" question. as upgrading to 64 bits is in process, and fixing PM 28.16.0 (the latest 32 bit available that works) is not needed. My question is, exactly what Linux item might be altered to cause this condition, and how does a website or script do that?
Rebooting always cures the problem and it doesn't reoccur if only known-good websites/SSH connections are accessed.
It it not a DNS problem because both numerical http and numerical ping (to addresses both on the local-network and external internet) are affected. Attempted connections simply time out, rather than getting a "no path to host" error message.
The idle time between successful http(s) access and finding no-connection can be 5 minutes to 6hrs. However, in one case at USPS Global Payments (pay.usps.com/pay/checkout.html.?) the connection was lost during their processing; the first step (as shown in the PaleMoon status bar) took about 5 minutes, then the next step took forever, with only 1/2 hour total time since booting. After rebooting, each step took 2-3 seconds and no problem was noted, so the problem could have been started at a previous site.
This issue is frequently discovered when an SSH session doesn't respond within 1 second, and is confirmed when ping doesn't connect to the local gateway (192.168.86.1). However in one case http stopped responding, ping confirmed no connection, but an existing SSH connection continued working for >20 minutes before rebooting.
This is not a "support" question. as upgrading to 64 bits is in process, and fixing PM 28.16.0 (the latest 32 bit available that works) is not needed. My question is, exactly what Linux item might be altered to cause this condition, and how does a website or script do that?
-
- Board Warrior
- Posts: 1651
- Joined: 2018-06-08, 17:02
Re: How can a website/browser change internal Linux connection settings?
What is a "known good website"? (What is a known "bad" website?)it doesn't reoccur if only known-good websites/SSH connections are accessed
I'm thinking; hardware, DNS, internet provider.
And leaning toward the last, with your internet provider periodically dropping connection.
Might try power cycling your modem/router.
If TV/Internet/phone are all from same provider, check to see if any or all parts are down when this happens.
Try a different browser. Firefox easily allows you to switch DNS providers, on the fly, switching between "system", & a couple others.
(Though I don't seem to see it in 115 ESR ?)
-
- Pale Moon guru
- Posts: 35651
- Joined: 2011-08-28, 17:27
- Location: Motala, SE
Re: How can a website/browser change internal Linux connection settings?
This kind of connectivity is normally governed at the networking level, not the application level. You may want to double-check that your TCP/IP stack is properly configured. Pale Moon closes inactive connections after a reasonable timeout (network.http.keep-alive.timeout) and at that point any open connections that persist would be caused by lower level issues.
Also, please ensure your gateway doesn't choke on http pipelining (some networking devices really don't like that part of the http standard and pale Moon uses it by default)
Also, please ensure your gateway doesn't choke on http pipelining (some networking devices really don't like that part of the http standard and pale Moon uses it by default)
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
-
- Board Warrior
- Posts: 1138
- Joined: 2019-04-24, 09:38
Re: How can a website/browser change internal Linux connection settings?
First, you run an old-ass version of Ubuntu. If you don't have ESM, you don't receive security updates for ~3 years.
Second: Test connectivity inside the OS.
Second: Test connectivity inside the OS.
Code: Select all
ping palemoon.org
ping6 palemoon.org
ping $(ip -4 route show default |cut -d " " -f 3)
ping $(ip -6 route show default |cut -d " " -f 3)
The profile picture shows my Maico EC30 E ceiling fan.
-
- Moon lover
- Posts: 85
- Joined: 2019-02-06, 09:13
Re: How can a website/browser change internal Linux connection settings?
My definition of "known good website" is one that is used regularly, and even hours later, this problem has not occurred.
I specifically exclude sites which do not load at all, have long delays "waiting for" or "transferring data from" 3rd party servers, that require View->Page Style->No Style to use or copy, or that produce "Unresponsive Script" warnings. But none of those sites produce this condition immediately; closing their tab allows other tabs and connections to be opened.
The only site where the condition occurred during its use was the USPS Global Payments mentioned above, and after rebooting there was no problem on it either.
Today, forum.palemoon.org, wikipedia.com, and duckduckgo.com were accessed several times, but connectivity was lost about an hour after visiting reddit.com for about 15 seconds and then various cloudflare-operated http sites (about their DNS and other services); neither reddit.com nor some Cloudflare services included on many sites work properly with my current PM.
DNS, router, Internet provider are all excluded as the problem is in the local ethernet connection (verified by no ping to the local gateway address, or to any other local-net address, if that machine's firewall is turned off). I've tried turning off my machine's firewall also.
The reason for this post is that Linux insists that it is still connected, and shows (almost) the same setup info as when it works. (I did notice that after ping-failure, ifconfig showed 0 errors but 251 dropped packets out of 87056 RX packets.)
The local-net failure, once occurring, seems repeatable in that no other concurrent error can be found. Neither "Quit" (network-tray-info process?) or "Disconnect from network" with subsequent re-start fixes things. I can't believe that an unsupported script causing memory violations/overflows that were somehow not caught, would always cause the same result. Does PM's application-permissions include global variables that could stop ethernet without the network application knowing?
The "ping $(ip -4 route ..." command shows 0% loss until the problem exits; then there is no connection to the default gateway (100% loss). Ping6 correctly gets address info (palemoon.org (2606:4700:10::ac43:1430): 56 data bytes) but then responds "ping6: can't create raw socket: Address family not supported by protocol". Your "ping $(ip -6 route ..." command simply gives a BusyBox syntax error.
In light of that Ping6 error, I set "network.dns.disableIPv6" to True. Unless that requires a reboot to take effect, it doesn't prevent the problem.
I specifically exclude sites which do not load at all, have long delays "waiting for" or "transferring data from" 3rd party servers, that require View->Page Style->No Style to use or copy, or that produce "Unresponsive Script" warnings. But none of those sites produce this condition immediately; closing their tab allows other tabs and connections to be opened.
The only site where the condition occurred during its use was the USPS Global Payments mentioned above, and after rebooting there was no problem on it either.
Today, forum.palemoon.org, wikipedia.com, and duckduckgo.com were accessed several times, but connectivity was lost about an hour after visiting reddit.com for about 15 seconds and then various cloudflare-operated http sites (about their DNS and other services); neither reddit.com nor some Cloudflare services included on many sites work properly with my current PM.
DNS, router, Internet provider are all excluded as the problem is in the local ethernet connection (verified by no ping to the local gateway address, or to any other local-net address, if that machine's firewall is turned off). I've tried turning off my machine's firewall also.
The reason for this post is that Linux insists that it is still connected, and shows (almost) the same setup info as when it works. (I did notice that after ping-failure, ifconfig showed 0 errors but 251 dropped packets out of 87056 RX packets.)
Precisely. This machine has been running PM for many years, and PM28.16 since Nov'20. Recently, more and more sites do not load (vanguard.com, archive.org not directed to a particular page etc). A year ago a rare "dead" connection was not investigated further. Now, this occurs every day, sometimes 4 times a day.This kind of connectivity is normally governed at the networking level, not the application level.
Any hypothesis on how that would affect the local machine? When ping to the gateway is lost on my machine, the gateway still works for other machines on the local network.please ensure your gateway doesn't choke on http pipelining
The local-net failure, once occurring, seems repeatable in that no other concurrent error can be found. Neither "Quit" (network-tray-info process?) or "Disconnect from network" with subsequent re-start fixes things. I can't believe that an unsupported script causing memory violations/overflows that were somehow not caught, would always cause the same result. Does PM's application-permissions include global variables that could stop ethernet without the network application knowing?
The "ping $(ip -4 route ..." command shows 0% loss until the problem exits; then there is no connection to the default gateway (100% loss). Ping6 correctly gets address info (palemoon.org (2606:4700:10::ac43:1430): 56 data bytes) but then responds "ping6: can't create raw socket: Address family not supported by protocol". Your "ping $(ip -6 route ..." command simply gives a BusyBox syntax error.
In light of that Ping6 error, I set "network.dns.disableIPv6" to True. Unless that requires a reboot to take effect, it doesn't prevent the problem.
-
- Pale Moon guru
- Posts: 35651
- Joined: 2011-08-28, 17:27
- Location: Motala, SE
Re: How can a website/browser change internal Linux connection settings?
TCP/IP has limited resources. if you have too many concurrent connections it will stop serving new ones, which is exactly what seems to be happening for you. There are quite a few potential points of failure here but the browser is just triggering existing issues, not causing them itself. Lack of proper support for pipelining is one of the factors that can cause this (as I've seen in the past with certain proxies) when having "undefined behaviour". This same premise also lies at the basis of certain DoS attacks (syn/half-open attacks) on servers, exhausting the stack's resources for concurrent connections.
I'd definitely try to look into your local system's network stack; maybe this is a driver issue or a configuration gaff (have you tried to "optimize" your internet speed with a third-party script, for example?). Your gateway seems to recover properly, but your workstation is not.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
-
- Board Warrior
- Posts: 1651
- Joined: 2018-06-08, 17:02
Re: How can a website/browser change internal Linux connection settings?
On my end, IPv6 may be down, periodically. Right now, matter of fact.
Nonetheless, that is not stopping me from visiting palemoon.org (nor any other site), in Pale Moon nor in any other browser I may choose.
(And I've not fiddled with network.dns.disableIPv6.)
(Likewise, the opposite situation is apt to occur, where IPv4 is down yet IPv6 still works.)
ping 192.168.1.1
where other machines on the LAN are able to.
Does Linux have a netstat (or similar) command to show TCP/IP connections?
And if so, when this happens, how many are listed (& then how does that compare to the default maximum that Linux allows)?
Code: Select all
C:\out>ping -4 www.palemoon.org
Pinging www.palemoon.org [172.67.20.48] with 32 bytes of data:
Reply from 172.67.20.48: bytes=32 time=15ms TTL=51
...
Ping statistics for 172.67.20.48:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 15ms, Maximum = 19ms, Average = 16ms
C:\out>ping -6 www.palemoon.org
Ping request could not find host www.palemoon.org. Please check the name and try again.
(And I've not fiddled with network.dns.disableIPv6.)
(Likewise, the opposite situation is apt to occur, where IPv4 is down yet IPv6 still works.)
So you're saying you cannot do something like:When ping to the gateway is lost on my machine, the gateway still works for other machines on the local network.
ping 192.168.1.1
where other machines on the LAN are able to.
Does Linux have a netstat (or similar) command to show TCP/IP connections?
And if so, when this happens, how many are listed (& then how does that compare to the default maximum that Linux allows)?
-
- Moon lover
- Posts: 85
- Joined: 2019-02-06, 09:13
Re: How can a website/browser change internal Linux connection settings?
Turning off IPv6 breaks websites and maybe accelerated the issue. Mymerrill.com, which formerly worked but with unsupported scripts, caused no-ping while loading (only two parts of page shown, then "waiting for olui2.fs.ml.com").
My Linux does not have any special network software. Thanks for mentioning Netstat, I do have it and will try to figure out what it can say. I also looked for TCP limits and learned about Sysctl, output attached.
My Linux does not have any special network software. Thanks for mentioning Netstat, I do have it and will try to figure out what it can say. I also looked for TCP limits and learned about Sysctl, output attached.
Code: Select all
[(normal) sysctl -a]
crypto.fips_enabled = 0
debug.exception-trace = 1
dev.cdrom.autoclose = 1
dev.cdrom.autoeject = 0
dev.cdrom.check_media = 0
dev.cdrom.debug = 0
dev.cdrom.info = CD-ROM information, Id: cdrom.c 3.20 2003/12/17
dev.cdrom.info =
dev.cdrom.info = drive name: sr0
dev.cdrom.info = drive speed: 24
dev.cdrom.info = drive # of slots: 1
dev.cdrom.info = Can close tray: 1
dev.cdrom.info = Can open tray: 1
dev.cdrom.info = Can lock tray: 1
dev.cdrom.info = Can change speed: 1
dev.cdrom.info = Can select disk: 0
dev.cdrom.info = Can read multisession: 1
dev.cdrom.info = Can read MCN: 1
dev.cdrom.info = Reports media changed: 1
dev.cdrom.info = Can play audio: 1
dev.cdrom.info = Can write CD-R: 1
dev.cdrom.info = Can write CD-RW: 1
dev.cdrom.info = Can read DVD: 1
dev.cdrom.info = Can write DVD-R: 0
dev.cdrom.info = Can write DVD-RAM: 0
dev.cdrom.info = Can read MRW: 1
dev.cdrom.info = Can write MRW: 1
dev.cdrom.info = Can write RAM: 1
dev.cdrom.info =
dev.cdrom.info =
dev.cdrom.lock = 1
dev.hpet.max-user-freq = 64
dev.mac_hid.mouse_button2_keycode = 97
dev.mac_hid.mouse_button3_keycode = 100
dev.mac_hid.mouse_button_emulation = 0
dev.raid.speed_limit_max = 200000
dev.raid.speed_limit_min = 1000
dev.scsi.logging_level = 0
fs.aio-max-nr = 65536
fs.aio-nr = 0
fs.dentry-state = 15589 8239 45 0 0 0
fs.dir-notify-enable = 1
fs.epoll.max_user_watches = 335189
fs.file-max = 95575
fs.file-nr = 5024 0 95575
fs.inode-nr = 14480 3870
fs.inode-state = 14480 3870 0 0 0 0 0
fs.inotify.max_queued_events = 16384
fs.inotify.max_user_instances = 128
fs.inotify.max_user_watches = 8192
fs.lease-break-time = 45
fs.leases-enable = 1
fs.mount-max = 100000
fs.mqueue.msg_default = 10
fs.mqueue.msg_max = 10
fs.mqueue.msgsize_default = 8192
fs.mqueue.msgsize_max = 8192
fs.mqueue.queues_max = 256
fs.nfs.idmap_cache_timeout = 0
fs.nfs.nfs_callback_tcpport = 0
fs.nfs.nfs_congestion_kb = 31296
fs.nfs.nfs_mountpoint_timeout = 500
fs.nfs.nlm_grace_period = 0
fs.nfs.nlm_tcpport = 0
fs.nfs.nlm_timeout = 10
fs.nfs.nlm_udpport = 0
fs.nfs.nsm_local_state = 0
fs.nfs.nsm_use_hostnames = 0
fs.nr_open = 1048576
fs.overflowgid = 65534
fs.overflowuid = 65534
fs.pipe-max-size = 1048576
fs.pipe-user-pages-hard = 0
fs.pipe-user-pages-soft = 16384
fs.protected_hardlinks = 0
fs.protected_symlinks = 0
fs.suid_dumpable = 0
fscache.object_max_active = 4
fscache.operation_max_active = 2
kernel.acct = 4 2 30
kernel.acpi_video_flags = 0
kernel.auto_msgmni = 0
kernel.bootloader_type = 51
kernel.bootloader_version = 3
kernel.cad_pid = 1
kernel.cap_last_cap = 37
kernel.core_pattern = core
kernel.core_pipe_limit = 0
kernel.core_uses_pid = 0
kernel.ctrl-alt-del = 0
kernel.dmesg_restrict = 0
kernel.domainname = (none)
kernel.hostname = []
kernel.hotplug = /sbin/hotplug
kernel.io_delay_type = 0
kernel.keys.gc_delay = 300
kernel.keys.maxbytes = 20000
kernel.keys.maxkeys = 200
kernel.keys.root_maxbytes = 25000000
kernel.keys.root_maxkeys = 1000000
kernel.kptr_restrict = 0
kernel.kstack_depth_to_print = 24
kernel.max_lock_depth = 1024
kernel.modprobe = /sbin/modprobe
kernel.modules_disabled = 0
kernel.msgmax = 8192
kernel.msgmnb = 16384
kernel.msgmni = 32000
kernel.ngroups_max = 65536
kernel.osrelease = 4.4.95
kernel.ostype = Linux
kernel.overflowgid = 65534
kernel.overflowuid = 65534
kernel.panic = 0
kernel.panic_on_io_nmi = 0
kernel.panic_on_oops = 0
kernel.panic_on_unrecovered_nmi = 0
kernel.panic_on_warn = 0
kernel.perf_cpu_time_max_percent = 25
kernel.perf_event_max_sample_rate = 100000
kernel.perf_event_mlock_kb = 516
kernel.perf_event_paranoid = 1
kernel.pid_max = 32768
kernel.poweroff_cmd = /sbin/poweroff
kernel.print-fatal-signals = 0
kernel.printk = 3 4 1 3
kernel.printk_delay = 0
kernel.printk_ratelimit = 5
kernel.printk_ratelimit_burst = 10
kernel.pty.max = 4096
kernel.pty.nr = 2
kernel.pty.reserve = 1024
kernel.random.boot_id = []
kernel.random.entropy_avail = 882
kernel.random.poolsize = 4096
kernel.random.read_wakeup_threshold = 64
kernel.random.urandom_min_reseed_secs = 60
kernel.random.uuid = []
kernel.random.write_wakeup_threshold = 896
kernel.randomize_va_space = 2
kernel.real-root-dev = 0
kernel.sched_autogroup_enabled = 1
kernel.sched_cfs_bandwidth_slice_us = 5000
kernel.sched_child_runs_first = 0
kernel.sched_rr_timeslice_ms = 100
kernel.sched_rt_period_us = 1000000
kernel.sched_rt_runtime_us = 950000
kernel.sem = 32000 1024000000 500 32000
kernel.shm_rmid_forced = 0
kernel.shmall = 4278190079
kernel.shmmax = 4278190079
kernel.shmmni = 4096
kernel.sysctl_writes_strict = 1
kernel.tainted = 4096
kernel.threads-max = 14939
kernel.timer_migration = 1
kernel.unknown_nmi_panic = 0
kernel.usermodehelper.bset = 4294967295 63
kernel.usermodehelper.inheritable = 4294967295 63
kernel.version = #1 SMP Mon Nov 13 17:15:42 GMT 2017
net.core.busy_poll = 0
net.core.busy_read = 0
net.core.dev_weight = 64
net.core.flow_limit_cpu_bitmap = 0
net.core.flow_limit_table_len = 4096
net.core.max_skb_frags = 17
net.core.message_burst = 10
net.core.message_cost = 5
net.core.netdev_budget = 300
net.core.netdev_max_backlog = 1000
net.core.netdev_rss_key = 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
net.core.netdev_tstamp_prequeue = 1
net.core.optmem_max = 10240
net.core.rmem_default = 163840
net.core.rmem_max = 163840
net.core.rps_sock_flow_entries = 0
net.core.somaxconn = 128
net.core.tstamp_allow_data = 1
net.core.warnings = 0
net.core.wmem_default = 163840
net.core.wmem_max = 163840
net.core.xfrm_acq_expires = 30
net.core.xfrm_aevent_etime = 10
net.core.xfrm_aevent_rseqth = 2
net.core.xfrm_larval_drop = 1
net.ipv4.conf.all.accept_local = 0
net.ipv4.conf.all.accept_redirects = 1
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.arp_accept = 0
net.ipv4.conf.all.arp_announce = 0
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.all.arp_ignore = 0
net.ipv4.conf.all.arp_notify = 0
net.ipv4.conf.all.bootp_relay = 0
net.ipv4.conf.all.disable_policy = 0
net.ipv4.conf.all.disable_xfrm = 0
net.ipv4.conf.all.force_igmp_version = 0
net.ipv4.conf.all.forwarding = 0
net.ipv4.conf.all.igmpv2_unsolicited_report_interval = 10000
net.ipv4.conf.all.igmpv3_unsolicited_report_interval = 1000
net.ipv4.conf.all.ignore_routes_with_linkdown = 0
net.ipv4.conf.all.log_martians = 1
net.ipv4.conf.all.mc_forwarding = 0
net.ipv4.conf.all.medium_id = 0
net.ipv4.conf.all.promote_secondaries = 0
net.ipv4.conf.all.proxy_arp = 0
net.ipv4.conf.all.proxy_arp_pvlan = 0
net.ipv4.conf.all.route_localnet = 0
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.all.secure_redirects = 1
net.ipv4.conf.all.send_redirects = 1
net.ipv4.conf.all.shared_media = 1
net.ipv4.conf.all.src_valid_mark = 0
net.ipv4.conf.all.tag = 0
net.ipv4.conf.default.accept_local = 0
net.ipv4.conf.default.accept_redirects = 1
net.ipv4.conf.default.accept_source_route = 1
net.ipv4.conf.default.arp_accept = 0
net.ipv4.conf.default.arp_announce = 0
net.ipv4.conf.default.arp_filter = 0
net.ipv4.conf.default.arp_ignore = 0
net.ipv4.conf.default.arp_notify = 0
net.ipv4.conf.default.bootp_relay = 0
net.ipv4.conf.default.disable_policy = 0
net.ipv4.conf.default.disable_xfrm = 0
net.ipv4.conf.default.force_igmp_version = 0
net.ipv4.conf.default.forwarding = 0
net.ipv4.conf.default.igmpv2_unsolicited_report_interval = 10000
net.ipv4.conf.default.igmpv3_unsolicited_report_interval = 1000
net.ipv4.conf.default.ignore_routes_with_linkdown = 0
net.ipv4.conf.default.log_martians = 0
net.ipv4.conf.default.mc_forwarding = 0
net.ipv4.conf.default.medium_id = 0
net.ipv4.conf.default.promote_secondaries = 0
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.default.proxy_arp_pvlan = 0
net.ipv4.conf.default.route_localnet = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.default.secure_redirects = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.default.shared_media = 1
net.ipv4.conf.default.src_valid_mark = 0
net.ipv4.conf.default.tag = 0
net.ipv4.conf.eth0.accept_local = 0
net.ipv4.conf.eth0.accept_redirects = 1
net.ipv4.conf.eth0.accept_source_route = 1
net.ipv4.conf.eth0.arp_accept = 0
net.ipv4.conf.eth0.arp_announce = 0
net.ipv4.conf.eth0.arp_filter = 0
net.ipv4.conf.eth0.arp_ignore = 0
net.ipv4.conf.eth0.arp_notify = 0
net.ipv4.conf.eth0.bootp_relay = 0
net.ipv4.conf.eth0.disable_policy = 0
net.ipv4.conf.eth0.disable_xfrm = 0
net.ipv4.conf.eth0.force_igmp_version = 0
net.ipv4.conf.eth0.forwarding = 0
net.ipv4.conf.eth0.igmpv2_unsolicited_report_interval = 10000
net.ipv4.conf.eth0.igmpv3_unsolicited_report_interval = 1000
net.ipv4.conf.eth0.ignore_routes_with_linkdown = 0
net.ipv4.conf.eth0.log_martians = 0
net.ipv4.conf.eth0.mc_forwarding = 0
net.ipv4.conf.eth0.medium_id = 0
net.ipv4.conf.eth0.promote_secondaries = 0
net.ipv4.conf.eth0.proxy_arp = 0
net.ipv4.conf.eth0.proxy_arp_pvlan = 0
net.ipv4.conf.eth0.route_localnet = 0
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.eth0.secure_redirects = 1
net.ipv4.conf.eth0.send_redirects = 1
net.ipv4.conf.eth0.shared_media = 1
net.ipv4.conf.eth0.src_valid_mark = 0
net.ipv4.conf.eth0.tag = 0
net.ipv4.conf.lo.accept_local = 0
net.ipv4.conf.lo.accept_redirects = 1
net.ipv4.conf.lo.accept_source_route = 1
net.ipv4.conf.lo.arp_accept = 0
net.ipv4.conf.lo.arp_announce = 0
net.ipv4.conf.lo.arp_filter = 0
net.ipv4.conf.lo.arp_ignore = 0
net.ipv4.conf.lo.arp_notify = 0
net.ipv4.conf.lo.bootp_relay = 0
net.ipv4.conf.lo.disable_policy = 1
net.ipv4.conf.lo.disable_xfrm = 1
net.ipv4.conf.lo.force_igmp_version = 0
net.ipv4.conf.lo.forwarding = 0
net.ipv4.conf.lo.igmpv2_unsolicited_report_interval = 10000
net.ipv4.conf.lo.igmpv3_unsolicited_report_interval = 1000
net.ipv4.conf.lo.ignore_routes_with_linkdown = 0
net.ipv4.conf.lo.log_martians = 0
net.ipv4.conf.lo.mc_forwarding = 0
net.ipv4.conf.lo.medium_id = 0
net.ipv4.conf.lo.promote_secondaries = 0
net.ipv4.conf.lo.proxy_arp = 0
net.ipv4.conf.lo.proxy_arp_pvlan = 0
net.ipv4.conf.lo.route_localnet = 0
net.ipv4.conf.lo.rp_filter = 0
net.ipv4.conf.lo.secure_redirects = 1
net.ipv4.conf.lo.send_redirects = 1
net.ipv4.conf.lo.shared_media = 1
net.ipv4.conf.lo.src_valid_mark = 0
net.ipv4.conf.lo.tag = 0
net.ipv4.conf.tunl0.accept_local = 0
net.ipv4.conf.tunl0.accept_redirects = 1
net.ipv4.conf.tunl0.accept_source_route = 1
net.ipv4.conf.tunl0.arp_accept = 0
net.ipv4.conf.tunl0.arp_announce = 0
net.ipv4.conf.tunl0.arp_filter = 0
net.ipv4.conf.tunl0.arp_ignore = 0
net.ipv4.conf.tunl0.arp_notify = 0
net.ipv4.conf.tunl0.bootp_relay = 0
net.ipv4.conf.tunl0.disable_policy = 0
net.ipv4.conf.tunl0.disable_xfrm = 0
net.ipv4.conf.tunl0.force_igmp_version = 0
net.ipv4.conf.tunl0.forwarding = 0
net.ipv4.conf.tunl0.igmpv2_unsolicited_report_interval = 10000
net.ipv4.conf.tunl0.igmpv3_unsolicited_report_interval = 1000
net.ipv4.conf.tunl0.ignore_routes_with_linkdown = 0
net.ipv4.conf.tunl0.log_martians = 0
net.ipv4.conf.tunl0.mc_forwarding = 0
net.ipv4.conf.tunl0.medium_id = 0
net.ipv4.conf.tunl0.promote_secondaries = 0
net.ipv4.conf.tunl0.proxy_arp = 0
net.ipv4.conf.tunl0.proxy_arp_pvlan = 0
net.ipv4.conf.tunl0.route_localnet = 0
net.ipv4.conf.tunl0.rp_filter = 0
net.ipv4.conf.tunl0.secure_redirects = 1
net.ipv4.conf.tunl0.send_redirects = 1
net.ipv4.conf.tunl0.shared_media = 1
net.ipv4.conf.tunl0.src_valid_mark = 0
net.ipv4.conf.tunl0.tag = 0
net.ipv4.conf.wlan0.accept_local = 0
net.ipv4.conf.wlan0.accept_redirects = 1
net.ipv4.conf.wlan0.accept_source_route = 1
net.ipv4.conf.wlan0.arp_accept = 0
net.ipv4.conf.wlan0.arp_announce = 0
net.ipv4.conf.wlan0.arp_filter = 0
net.ipv4.conf.wlan0.arp_ignore = 0
net.ipv4.conf.wlan0.arp_notify = 0
net.ipv4.conf.wlan0.bootp_relay = 0
net.ipv4.conf.wlan0.disable_policy = 0
net.ipv4.conf.wlan0.disable_xfrm = 0
net.ipv4.conf.wlan0.force_igmp_version = 0
net.ipv4.conf.wlan0.forwarding = 0
net.ipv4.conf.wlan0.igmpv2_unsolicited_report_interval = 10000
net.ipv4.conf.wlan0.igmpv3_unsolicited_report_interval = 1000
net.ipv4.conf.wlan0.ignore_routes_with_linkdown = 0
net.ipv4.conf.wlan0.log_martians = 0
net.ipv4.conf.wlan0.mc_forwarding = 0
net.ipv4.conf.wlan0.medium_id = 0
net.ipv4.conf.wlan0.promote_secondaries = 0
net.ipv4.conf.wlan0.proxy_arp = 0
net.ipv4.conf.wlan0.proxy_arp_pvlan = 0
net.ipv4.conf.wlan0.route_localnet = 0
net.ipv4.conf.wlan0.rp_filter = 0
net.ipv4.conf.wlan0.secure_redirects = 1
net.ipv4.conf.wlan0.send_redirects = 1
net.ipv4.conf.wlan0.shared_media = 1
net.ipv4.conf.wlan0.src_valid_mark = 0
net.ipv4.conf.wlan0.tag = 0
net.ipv4.fwmark_reflect = 0
net.ipv4.icmp_echo_ignore_all = 0
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_errors_use_inbound_ifaddr = 0
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.icmp_msgs_burst = 50
net.ipv4.icmp_msgs_per_sec = 1000
net.ipv4.icmp_ratelimit = 1000
net.ipv4.icmp_ratemask = 6168
net.ipv4.igmp_link_local_mcast_reports = 1
net.ipv4.igmp_max_memberships = 20
net.ipv4.igmp_max_msf = 10
net.ipv4.igmp_qrv = 2
net.ipv4.inet_peer_maxttl = 600
net.ipv4.inet_peer_minttl = 120
net.ipv4.inet_peer_threshold = 65664
net.ipv4.ip_default_ttl = 64
net.ipv4.ip_dynaddr = 1
net.ipv4.ip_early_demux = 1
net.ipv4.ip_forward = 0
net.ipv4.ip_forward_use_pmtu = 0
net.ipv4.ip_local_port_range = 32768 60999
net.ipv4.ip_local_reserved_ports =
net.ipv4.ip_no_pmtu_disc = 0
net.ipv4.ip_nonlocal_bind = 0
net.ipv4.ipfrag_high_thresh = 4194304
net.ipv4.ipfrag_low_thresh = 3145728
net.ipv4.ipfrag_max_dist = 64
net.ipv4.ipfrag_secret_interval = 0
net.ipv4.ipfrag_time = 30
net.ipv4.neigh.default.anycast_delay = 100
net.ipv4.neigh.default.app_solicit = 0
net.ipv4.neigh.default.base_reachable_time_ms = 30000
net.ipv4.neigh.default.delay_first_probe_time = 5
net.ipv4.neigh.default.gc_interval = 30
net.ipv4.neigh.default.gc_stale_time = 60
net.ipv4.neigh.default.gc_thresh1 = 128
net.ipv4.neigh.default.gc_thresh2 = 512
net.ipv4.neigh.default.gc_thresh3 = 1024
net.ipv4.neigh.default.locktime = 100
net.ipv4.neigh.default.mcast_resolicit = 0
net.ipv4.neigh.default.mcast_solicit = 3
net.ipv4.neigh.default.proxy_delay = 80
net.ipv4.neigh.default.proxy_qlen = 64
net.ipv4.neigh.default.retrans_time_ms = 1000
net.ipv4.neigh.default.ucast_solicit = 3
net.ipv4.neigh.default.unres_qlen = 34
net.ipv4.neigh.default.unres_qlen_bytes = 65536
net.ipv4.neigh.eth0.anycast_delay = 100
net.ipv4.neigh.eth0.app_solicit = 0
net.ipv4.neigh.eth0.base_reachable_time_ms = 30000
net.ipv4.neigh.eth0.delay_first_probe_time = 5
net.ipv4.neigh.eth0.gc_stale_time = 60
net.ipv4.neigh.eth0.locktime = 100
net.ipv4.neigh.eth0.mcast_resolicit = 0
net.ipv4.neigh.eth0.mcast_solicit = 3
net.ipv4.neigh.eth0.proxy_delay = 80
net.ipv4.neigh.eth0.proxy_qlen = 64
net.ipv4.neigh.eth0.retrans_time_ms = 1000
net.ipv4.neigh.eth0.ucast_solicit = 3
net.ipv4.neigh.eth0.unres_qlen = 34
net.ipv4.neigh.eth0.unres_qlen_bytes = 65536
net.ipv4.neigh.lo.anycast_delay = 100
net.ipv4.neigh.lo.app_solicit = 0
net.ipv4.neigh.lo.base_reachable_time_ms = 30000
net.ipv4.neigh.lo.delay_first_probe_time = 5
net.ipv4.neigh.lo.gc_stale_time = 60
net.ipv4.neigh.lo.locktime = 100
net.ipv4.neigh.lo.mcast_resolicit = 0
net.ipv4.neigh.lo.mcast_solicit = 3
net.ipv4.neigh.lo.proxy_delay = 80
net.ipv4.neigh.lo.proxy_qlen = 64
net.ipv4.neigh.lo.retrans_time_ms = 1000
net.ipv4.neigh.lo.ucast_solicit = 3
net.ipv4.neigh.lo.unres_qlen = 34
net.ipv4.neigh.lo.unres_qlen_bytes = 65536
net.ipv4.neigh.tunl0.anycast_delay = 100
net.ipv4.neigh.tunl0.app_solicit = 0
net.ipv4.neigh.tunl0.base_reachable_time_ms = 30000
net.ipv4.neigh.tunl0.delay_first_probe_time = 5
net.ipv4.neigh.tunl0.gc_stale_time = 60
net.ipv4.neigh.tunl0.locktime = 100
net.ipv4.neigh.tunl0.mcast_resolicit = 0
net.ipv4.neigh.tunl0.mcast_solicit = 3
net.ipv4.neigh.tunl0.proxy_delay = 80
net.ipv4.neigh.tunl0.proxy_qlen = 64
net.ipv4.neigh.tunl0.retrans_time_ms = 1000
net.ipv4.neigh.tunl0.ucast_solicit = 3
net.ipv4.neigh.tunl0.unres_qlen = 34
net.ipv4.neigh.tunl0.unres_qlen_bytes = 65536
net.ipv4.neigh.wlan0.anycast_delay = 100
net.ipv4.neigh.wlan0.app_solicit = 0
net.ipv4.neigh.wlan0.base_reachable_time_ms = 30000
net.ipv4.neigh.wlan0.delay_first_probe_time = 5
net.ipv4.neigh.wlan0.gc_stale_time = 60
net.ipv4.neigh.wlan0.locktime = 100
net.ipv4.neigh.wlan0.mcast_resolicit = 0
net.ipv4.neigh.wlan0.mcast_solicit = 3
net.ipv4.neigh.wlan0.proxy_delay = 80
net.ipv4.neigh.wlan0.proxy_qlen = 64
net.ipv4.neigh.wlan0.retrans_time_ms = 1000
net.ipv4.neigh.wlan0.ucast_solicit = 3
net.ipv4.neigh.wlan0.unres_qlen = 34
net.ipv4.neigh.wlan0.unres_qlen_bytes = 65536
net.ipv4.ping_group_range = 1 0
net.ipv4.route.error_burst = 5000
net.ipv4.route.error_cost = 1000
net.ipv4.route.gc_elasticity = 8
net.ipv4.route.gc_interval = 60
net.ipv4.route.gc_min_interval = 0
net.ipv4.route.gc_min_interval_ms = 500
net.ipv4.route.gc_thresh = -1
net.ipv4.route.gc_timeout = 300
net.ipv4.route.max_size = 2147483647
net.ipv4.route.min_adv_mss = 256
net.ipv4.route.min_pmtu = 552
net.ipv4.route.mtu_expires = 600
net.ipv4.route.redirect_load = 20
net.ipv4.route.redirect_number = 9
net.ipv4.route.redirect_silence = 20480
net.ipv4.tcp_abort_on_overflow = 0
net.ipv4.tcp_adv_win_scale = 1
net.ipv4.tcp_allowed_congestion_control = cubic reno
net.ipv4.tcp_app_win = 31
net.ipv4.tcp_autocorking = 1
net.ipv4.tcp_available_congestion_control = cubic reno
net.ipv4.tcp_base_mss = 1024
net.ipv4.tcp_challenge_ack_limit = 1000
net.ipv4.tcp_congestion_control = cubic
net.ipv4.tcp_dsack = 1
net.ipv4.tcp_early_retrans = 3
net.ipv4.tcp_ecn = 2
net.ipv4.tcp_ecn_fallback = 1
net.ipv4.tcp_fack = 1
net.ipv4.tcp_fastopen = 1
net.ipv4.tcp_fastopen_key = 00000000-00000000-00000000-00000000
net.ipv4.tcp_fin_timeout = 60
net.ipv4.tcp_frto = 2
net.ipv4.tcp_fwmark_accept = 0
net.ipv4.tcp_invalid_ratelimit = 500
net.ipv4.tcp_keepalive_intvl = 75
net.ipv4.tcp_keepalive_probes = 9
net.ipv4.tcp_keepalive_time = 7200
net.ipv4.tcp_limit_output_bytes = 262144
net.ipv4.tcp_low_latency = 0
net.ipv4.tcp_max_orphans = 4096
net.ipv4.tcp_max_reordering = 300
net.ipv4.tcp_max_syn_backlog = 128
net.ipv4.tcp_max_tw_buckets = 4096
net.ipv4.tcp_mem = 9585 12780 19170
net.ipv4.tcp_min_rtt_wlen = 300
net.ipv4.tcp_min_tso_segs = 2
net.ipv4.tcp_moderate_rcvbuf = 1
net.ipv4.tcp_mtu_probing = 0
net.ipv4.tcp_no_metrics_save = 0
net.ipv4.tcp_notsent_lowat = -1
net.ipv4.tcp_orphan_retries = 0
net.ipv4.tcp_pacing_ca_ratio = 120
net.ipv4.tcp_pacing_ss_ratio = 200
net.ipv4.tcp_probe_interval = 600
net.ipv4.tcp_probe_threshold = 8
net.ipv4.tcp_recovery = 1
net.ipv4.tcp_reordering = 3
net.ipv4.tcp_retrans_collapse = 1
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_retries2 = 15
net.ipv4.tcp_rfc1337 = 0
net.ipv4.tcp_rmem = 4096 87380 6291456
net.ipv4.tcp_sack = 1
net.ipv4.tcp_slow_start_after_idle = 1
net.ipv4.tcp_stdurg = 0
net.ipv4.tcp_syn_retries = 6
net.ipv4.tcp_synack_retries = 5
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_thin_dupack = 0
net.ipv4.tcp_thin_linear_timeouts = 0
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_tso_win_divisor = 3
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_tw_reuse = 0
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_wmem = 4096 16384 4194304
net.ipv4.tcp_workaround_signed_windows = 0
net.ipv4.udp_mem = 19170 25561 38340
net.ipv4.udp_rmem_min = 4096
net.ipv4.udp_wmem_min = 4096
net.ipv4.xfrm4_gc_thresh = 2147483647
net.netfilter.nf_conntrack_acct = 0
net.netfilter.nf_conntrack_buckets = 15360
net.netfilter.nf_conntrack_checksum = 1
net.netfilter.nf_conntrack_count = 1
net.netfilter.nf_conntrack_events = 1
net.netfilter.nf_conntrack_expect_max = 232
net.netfilter.nf_conntrack_generic_timeout = 600
net.netfilter.nf_conntrack_helper = 1
net.netfilter.nf_conntrack_icmp_timeout = 30
net.netfilter.nf_conntrack_log_invalid = 0
net.netfilter.nf_conntrack_max = 59932
net.netfilter.nf_conntrack_tcp_be_liberal = 0
net.netfilter.nf_conntrack_tcp_loose = 1
net.netfilter.nf_conntrack_tcp_max_retrans = 3
net.netfilter.nf_conntrack_tcp_timeout_close = 10
net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60
net.netfilter.nf_conntrack_tcp_timeout_established = 432000
net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120
net.netfilter.nf_conntrack_tcp_timeout_last_ack = 30
net.netfilter.nf_conntrack_tcp_timeout_max_retrans = 300
net.netfilter.nf_conntrack_tcp_timeout_syn_recv = 60
net.netfilter.nf_conntrack_tcp_timeout_syn_sent = 120
net.netfilter.nf_conntrack_tcp_timeout_time_wait = 120
net.netfilter.nf_conntrack_tcp_timeout_unacknowledged = 300
net.netfilter.nf_conntrack_udp_timeout = 30
net.netfilter.nf_conntrack_udp_timeout_stream = 180
net.netfilter.nf_log.0 = NONE
net.netfilter.nf_log.1 = NONE
net.netfilter.nf_log.10 = NONE
net.netfilter.nf_log.11 = NONE
net.netfilter.nf_log.12 = NONE
net.netfilter.nf_log.2 = nf_log_ipv4
net.netfilter.nf_log.3 = NONE
net.netfilter.nf_log.4 = NONE
net.netfilter.nf_log.5 = NONE
net.netfilter.nf_log.6 = NONE
net.netfilter.nf_log.7 = NONE
net.netfilter.nf_log.8 = NONE
net.netfilter.nf_log.9 = NONE
net.nf_conntrack_max = 59932
net.unix.max_dgram_qlen = 10
vm.admin_reserve_kbytes = 8192
vm.block_dump = 0
vm.compact_unevictable_allowed = 1
vm.dirty_background_bytes = 0
vm.dirty_background_ratio = 10
vm.dirty_bytes = 0
vm.dirty_expire_centisecs = 3000
vm.dirty_ratio = 20
vm.dirty_writeback_centisecs = 500
vm.dirtytime_expire_seconds = 43200
vm.drop_caches = 0
vm.extfrag_threshold = 500
vm.highmem_is_dirtyable = 0
vm.laptop_mode = 0
vm.legacy_va_layout = 0
vm.lowmem_reserve_ratio = 256 32 32
vm.max_map_count = 65530
vm.min_free_kbytes = 43908
vm.mmap_min_addr = 65536
vm.nr_pdflush_threads = 0
vm.oom_dump_tasks = 1
vm.oom_kill_allocating_task = 0
vm.overcommit_kbytes = 0
vm.overcommit_memory = 0
vm.overcommit_ratio = 50
vm.page-cluster = 3
vm.panic_on_oom = 0
vm.percpu_pagelist_fraction = 0
vm.stat_interval = 1
vm.swappiness = 10
vm.user_reserve_kbytes = 29795
vm.vdso_enabled = 1
vm.vfs_cache_pressure = 100
-
- Moon lover
- Posts: 85
- Joined: 2019-02-06, 09:13
Re: How can a website/browser change internal Linux connection settings?
Update. Rebooting (with standard IPv6 setings) and going to Mymerrill.com again, connection was lost even before login.
Sysctl showed no sifnificant changes, only an increase in "kernel.random.entropy_avail" from 882 (when working) to 911 (when no ping to anywhere except the local machine's address, but shown connected).
Netstat showed:
In summary, there were:
no tcp connections
6 udp connections to DNS servers or the local gateway
6 datagram Unix sockets
58 connected stream Unix sockets
The local gateway, a Google Mesh network, specifies that itself (192.168.86.1) be the primary DNS server, 8.8.8.8 was set as secondary. That has been the setup since it was installed 5 yrs ago.
After rebooting and ethernet reconnected (but no applications started), netstat showed:
There are:
no udp or tcp connections
6 datagram Unix sockets
40 connected stream Unix sockets
Starting Palemoon (28.16.0) with only the "Restore Session" tab shows 1 tcp connection:
tcp 0 0 192.168.86.49:51786 172.67.20.48:443 ESTABLISHED
6 datagram Unix sockets
56 connected stream Unix sockets
Being curious about 172.67.20.48 I tried:
and
So DNS is involved in opening PM?
With tabs restored and editing at forum.palemoon.org, netstat shows:
there are no tcp or udp connections (they must have timed out)
6 datagram Unix sockets
62 connected stream Unix sockets
No hint to me of what could be stopping ethernet, certainly not too many connections from me.
Sysctl showed no sifnificant changes, only an increase in "kernel.random.entropy_avail" from 882 (when working) to 911 (when no ping to anywhere except the local machine's address, but shown connected).
Netstat showed:
Code: Select all
Active Internet connections (w/o servers)
Proto RecvQ SendQ Local Address Foreign Address State
udp 0 704 192.168.86.49:38205 8.8.8.8:domain ESTABLISHED
udp 0 704 192.168.86.49:43916 8.8.8.8:domain ESTABLISHED
udp 0 704 192.168.86.49:48141 192.168.86.1:domain ESTABLISHED
udp 0 0 192.168.86.49:36044 192.168.86.1:domain ESTABLISHED
udp 0 0 192.168.86.49:39120 192.168.86.1:domain ESTABLISHED
udp 0 0 192.168.86.49:43737 8.8.8.8:domain ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node Path
unix 4 [ ] DGRAM 6468 /dev/log
unix 3 [ ] DGRAM 2468
unix 3 [ ] STREAM CONNECTED 24931
unix 3 [ ] STREAM CONNECTED 8523
unix 3 [ ] STREAM CONNECTED 24710
unix 3 [ ] STREAM CONNECTED 24873 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 16777 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 7145
unix 3 [ ] STREAM CONNECTED 8162 @/tmp/dbus-PbwPHLeHGm
unix 3 [ ] STREAM CONNECTED 7500 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8155 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8072 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 3642983
unix 3 [ ] STREAM CONNECTED 7250
unix 3 [ ] STREAM CONNECTED 16776
unix 3 [ ] STREAM CONNECTED 8339 @/tmp/.X11-unix/X0
unix 2 [ ] DGRAM 1405
unix 3 [ ] STREAM CONNECTED 24927
unix 3 [ ] STREAM CONNECTED 24918 @/tmp/dbus-PbwPHLeHGm
unix 3 [ ] STREAM CONNECTED 18279
unix 3 [ ] STREAM CONNECTED 24793
unix 3 [ ] STREAM CONNECTED 1762989
unix 3 [ ] STREAM CONNECTED 7146 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 8187
unix 3 [ ] STREAM CONNECTED 7591
unix 3 [ ] STREAM CONNECTED 6747
unix 3 [ ] STREAM CONNECTED 25066 @/tmp/dbus-PbwPHLeHGm
unix 3 [ ] STREAM CONNECTED 8158
unix 3 [ ] STREAM CONNECTED 8099
unix 3 [ ] STREAM CONNECTED 7251 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8144
unix 2 [ ] DGRAM 15648
unix 3 [ ] STREAM CONNECTED 24928 @/tmp/dbus-PbwPHLeHGm
unix 3 [ ] STREAM CONNECTED 8338
unix 3 [ ] STREAM CONNECTED 24917
unix 3 [ ] STREAM CONNECTED 24794 @/tmp/dbus-PbwPHLeHGm
unix 3 [ ] STREAM CONNECTED 18278
unix 3 [ ] STREAM CONNECTED 8188 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 7237
unix 3 [ ] STREAM CONNECTED 1762990 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8276 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 7592 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 7144
unix 3 [ ] STREAM CONNECTED 25065
unix 3 [ ] STREAM CONNECTED 24686
unix 3 [ ] STREAM CONNECTED 8159 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8145
unix 3 [ ] STREAM CONNECTED 8100 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8524 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 24932 /var/run/dbus/system_bus_socket
unix 3 [ ] DGRAM 2467
unix 3 [ ] STREAM CONNECTED 6746
unix 2 [ ] DGRAM 6470
unix 3 [ ] STREAM CONNECTED 24872
unix 3 [ ] STREAM CONNECTED 7499
unix 3 [ ] STREAM CONNECTED 24709
unix 3 [ ] STREAM CONNECTED 8161
unix 3 [ ] STREAM CONNECTED 7147 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 24687 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8071
unix 3 [ ] STREAM CONNECTED 3642984 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8275
unix 3 [ ] STREAM CONNECTED 7238 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8154
no tcp connections
6 udp connections to DNS servers or the local gateway
6 datagram Unix sockets
58 connected stream Unix sockets
The local gateway, a Google Mesh network, specifies that itself (192.168.86.1) be the primary DNS server, 8.8.8.8 was set as secondary. That has been the setup since it was installed 5 yrs ago.
After rebooting and ethernet reconnected (but no applications started), netstat showed:
Code: Select all
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node Path
unix 4 [ ] DGRAM 6470 /dev/log
unix 3 [ ] STREAM CONNECTED 8153
unix 3 [ ] STREAM CONNECTED 8191 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8082
unix 3 [ ] STREAM CONNECTED 8163 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 7509
unix 3 [ ] STREAM CONNECTED 54792 @/tmp/.X11-unix/X0
unix 2 [ ] DGRAM 6472
unix 3 [ ] STREAM CONNECTED 8347 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 7249 @/tmp/.X11-unix/X0
unix 2 [ ] DGRAM 1405
unix 3 [ ] STREAM CONNECTED 12021
unix 3 [ ] STREAM CONNECTED 10490
unix 3 [ ] STREAM CONNECTED 6979 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8111 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8158
unix 3 [ ] STREAM CONNECTED 7716 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8152
unix 3 [ ] STREAM CONNECTED 8165
unix 3 [ ] STREAM CONNECTED 54791
unix 2 [ ] DGRAM 9352
unix 3 [ ] DGRAM 2468
unix 3 [ ] STREAM CONNECTED 8346
unix 3 [ ] STREAM CONNECTED 12020
unix 3 [ ] STREAM CONNECTED 7248
unix 3 [ ] STREAM CONNECTED 6951
unix 3 [ ] STREAM CONNECTED 8110
unix 3 [ ] STREAM CONNECTED 7663
unix 3 [ ] STREAM CONNECTED 8159 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8166 @/tmp/dbus-wqlXsXtyQP
unix 3 [ ] STREAM CONNECTED 8491 @/tmp/.X11-unix/X0
unix 3 [ ] DGRAM 2467
unix 3 [ ] STREAM CONNECTED 7262 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8306 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 6976 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 6753
unix 3 [ ] STREAM CONNECTED 6754
unix 3 [ ] STREAM CONNECTED 8190
unix 3 [ ] STREAM CONNECTED 8083 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8305
unix 3 [ ] STREAM CONNECTED 8162
unix 3 [ ] STREAM CONNECTED 7510 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8490
unix 3 [ ] STREAM CONNECTED 7261
unix 3 [ ] STREAM CONNECTED 6975
unix 3 [ ] STREAM CONNECTED 10491 @/tmp/.X11-unix/X0
no udp or tcp connections
6 datagram Unix sockets
40 connected stream Unix sockets
Starting Palemoon (28.16.0) with only the "Restore Session" tab shows 1 tcp connection:
tcp 0 0 192.168.86.49:51786 172.67.20.48:443 ESTABLISHED
6 datagram Unix sockets
56 connected stream Unix sockets
Being curious about 172.67.20.48 I tried:
Code: Select all
https://172.67.20.48/
Secure Connection Failed
An error occurred during a connection to 172.67.20.48.
Cannot communicate securely with peer: no common encryption algorithm(s).
(Error code: SSL_ERROR_NO_CYPHER_OVERLAP)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
Code: Select all
http://172.67.20.48/
Error 1003
Ray ID: 852622bc48bd4327 • 2024-02-08 19:03:58 UTC
Direct IP access not allowed
What happened?
You've requested an IP address that is part of the Cloudflare network. A valid Host header must be supplied to reach the desired website.
What can I do?
If you are interested in learning more about Cloudflare, please visit our website.
With tabs restored and editing at forum.palemoon.org, netstat shows:
Code: Select all
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node Path
unix 4 [ ] DGRAM 6470 /dev/log
unix 3 [ ] STREAM CONNECTED 8153
unix 3 [ ] STREAM CONNECTED 8191 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8082
unix 3 [ ] STREAM CONNECTED 8163 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 7509
unix 3 [ ] STREAM CONNECTED 148175
unix 3 [ ] STREAM CONNECTED 148340
unix 2 [ ] DGRAM 6472
unix 3 [ ] STREAM CONNECTED 8347 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 7249 @/tmp/.X11-unix/X0
unix 2 [ ] DGRAM 1405
unix 3 [ ] STREAM CONNECTED 148400 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 760169
unix 3 [ ] STREAM CONNECTED 12021
unix 3 [ ] STREAM CONNECTED 148525
unix 3 [ ] STREAM CONNECTED 10490
unix 3 [ ] STREAM CONNECTED 6979 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8111 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 148165 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8158
unix 3 [ ] STREAM CONNECTED 7716 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8152
unix 3 [ ] STREAM CONNECTED 8165
unix 3 [ ] STREAM CONNECTED 148262 @/tmp/dbus-wqlXsXtyQP
unix 3 [ ] STREAM CONNECTED 148176
unix 2 [ ] DGRAM 9352
unix 3 [ ] DGRAM 2468
unix 3 [ ] STREAM CONNECTED 148385
unix 3 [ ] STREAM CONNECTED 8346
unix 3 [ ] STREAM CONNECTED 12020
unix 3 [ ] STREAM CONNECTED 7248
unix 3 [ ] STREAM CONNECTED 148396 @/tmp/dbus-wqlXsXtyQP
unix 3 [ ] STREAM CONNECTED 6951
unix 3 [ ] STREAM CONNECTED 8110
unix 3 [ ] STREAM CONNECTED 148164
unix 3 [ ] STREAM CONNECTED 7663
unix 3 [ ] STREAM CONNECTED 8159 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8166 @/tmp/dbus-wqlXsXtyQP
unix 3 [ ] STREAM CONNECTED 148261
unix 3 [ ] STREAM CONNECTED 8491 @/tmp/.X11-unix/X0
unix 3 [ ] DGRAM 2467
unix 3 [ ] STREAM CONNECTED 148386 @/tmp/dbus-wqlXsXtyQP
unix 3 [ ] STREAM CONNECTED 7262 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8306 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 6976 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 148395
unix 3 [ ] STREAM CONNECTED 6753
unix 3 [ ] STREAM CONNECTED 6754
unix 3 [ ] STREAM CONNECTED 8190
unix 3 [ ] STREAM CONNECTED 8083 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8305
unix 3 [ ] STREAM CONNECTED 8162
unix 3 [ ] STREAM CONNECTED 7510 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 8490
unix 3 [ ] STREAM CONNECTED 7261
unix 3 [ ] STREAM CONNECTED 148341 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 148399
unix 3 [ ] STREAM CONNECTED 6975
unix 3 [ ] STREAM CONNECTED 760170 @/tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 148526 @/tmp/dbus-wqlXsXtyQP
unix 3 [ ] STREAM CONNECTED 10491 @/tmp/.X11-unix/X0
6 datagram Unix sockets
62 connected stream Unix sockets
No hint to me of what could be stopping ethernet, certainly not too many connections from me.