
I have a CentOS 5.11 server, and a script I cron every 10 minutes.

The script is simply this:

    #!/bin/sh
    FNAME=/var/www/html/cached/conntrack_count
    COUNT=`cat /proc/net/ip_conntrack | /usr/bin/wc -l`
    echo $COUNT > $FNAME

I've run this script for several years without issue (the output file is read periodically via HTTP by a Cacti server and then plotted on a graph).

Last week I ran a full yum update, to mitigate the GHOST vulnerability.

But now it seems that when this script runs, it causes concurrency issues for local sockets (in particular, connections to memcached (localhost->localhost) often time out while the cat is running).

I wonder if anyone can explain why this is now an issue, when previously it was not?

Could it be that Linux is now placing some sort of lock on the file while it's being accessed, which could prevent new connections being established?

This would seem unlikely, but I've no other explanation.

carpii

1 Answer


(Insufficient rep for comments)

Have you tried installing conntrack-tools and doing

/usr/sbin/conntrack -C > /var/www/html/cached/conntrack_count

instead? Does it still result in the same issue?

Mark R.
  • Thanks, I had no idea this existed. It seems to hook into iptables to get the data, so I'm hoping it's much more efficient than catting /proc/net/ip_conntrack. Unfortunately I'm still on CentOS 5.11 for this server, so I've a bit of voodoo to get conntrack-tools working (EPEL doesn't provide it for such old CentOS) – carpii Feb 09 '15 at 23:27
  • I'd generally advise upgrading, C5 isn't such a pleasant environment anymore if you need more modern stuff. – Mark R. Feb 10 '15 at 10:42
  • Yeah, I agree. Sadly I need to squeeze another few months out of C5 as I need to focus elsewhere – carpii Feb 13 '15 at 10:50
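
Added example (not code from either poster): a cron-safe variant of the script in the question that reads the kernel's conntrack counter file instead of dumping the whole table, falls back to the `conntrack -C` command from the answer, and replaces the output file atomically so the HTTP poller never reads a half-written value. The function names and the `COUNT_FILES` override are illustrative; the two counter paths are the usual ip_conntrack/nf_conntrack sysctl files and are assumed to exist on the kernel in use.

```sh
#!/bin/sh
# Added example: publish the conntrack entry count without reading
# every entry of /proc/net/ip_conntrack.

# Candidate counter files (assumption: at least one exists on this kernel).
# First is the legacy ip_conntrack name, second the nf_conntrack name.
COUNT_FILES="${COUNT_FILES:-/proc/sys/net/ipv4/netfilter/ip_conntrack_count /proc/sys/net/netfilter/nf_conntrack_count}"

# Print the number of tracked connections; return 1 if no source works.
conntrack_count() {
    for f in $COUNT_FILES; do
        [ -r "$f" ] || continue
        n=$(cat "$f" 2>/dev/null)
        case "$n" in
            ''|*[!0-9]*) continue ;;   # empty or not a plain integer
        esac
        printf '%s\n' "$n"
        return 0
    done
    # Fallback suggested in the answer (needs conntrack-tools installed).
    if [ -x /usr/sbin/conntrack ]; then
        /usr/sbin/conntrack -C
        return $?
    fi
    return 1
}

# Write the count to $1 via a temp file in the same directory plus rename,
# so readers see either the old value or the new one, never a partial file.
publish_count() {
    out=$1
    tmp="$out.$$.tmp"
    n=$(conntrack_count) || return 1
    if printf '%s\n' "$n" > "$tmp" && mv -f "$tmp" "$out"; then
        return 0
    fi
    rm -f "$tmp"
    return 1
}

# Cron usage: this_script /var/www/html/cached/conntrack_count
if [ -n "${1:-}" ]; then
    publish_count "$1"
fi
```

If neither counter file is readable and `conntrack` is not installed, `publish_count` returns non-zero and leaves the previous output file untouched.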