昨天借着出去签验收单的功夫,去公园爬了个山,穿高跟鞋爬山,真的是上山容易下山难。往上走还好,往下走的时候一不留神差点飞出去。在下山的时候接到了宽带安装师傅的电话预约上门安装时间,只能忙里偷闲约了今天中午。
之所以升级宽带,这个并不是主要目的,是因为这个月的流量又用光了。微信找到之前的客服小姐姐,让重新给续费个流量包,小姐姐表示每个月都续费,就不如直接换个套餐。
其实,联通的账单,我一直都没看懂这个东西到底该怎么看。反正是怎么算都算不出出来。不过每个月消费159貌似是准确的。
为了升级流量,顺便就升级了下宽带。这也是师傅预约的原因。
中午约了十二点,十一点半从公司往家走,刚出发没十分钟,接到了师傅电话说自己到了。挂断之后,订的外卖也到了,电话里让他把外卖放门口。不过听到了对门阿姨的声音,说外卖放她家,等自己到家了再去拿。
停车的时候就看到宽带师傅坐在楼前门口的台阶上玩手机,停好车过去打个招呼,带着大哥往楼上走。到门口先敲了下对面的门取下外买,阿姨一再让自己去她家吃。推脱了一下拿着外卖赶紧带师傅进门安装。
进门师傅就看到了机柜,熟练的打开机柜门,说;“这次升级给的路由器是挺不错的,不过你这有机柜应该也用不上”
“嗯,是的。我家里的nas要放到公网上用,一直是路由器拨号的。所以应该不会用这个路由器的功能”我答道。
“你还是有钱啊,里面好几块iPhone,哪里有电源,帮我把线插一下”
“我开下机柜后门吧,电源都在后面”我一边拿钥匙,一边回复“那些都是倒下来的比较老的型号,没卖就放在那里了”
“我给你调试好,你还是用你的路由器拨号,剩下的你就自己处理,我就不管了哈”
“没问题,你把设备调试好就行啦”
安装速度比他预计的要快一些,主要是我这里不需要他进行太多其他的操作,只要保证他们的设备调试好就ok了。
新的一体机比原来的光猫要大很多,并且多给了一个终端。但是这个终端目前也用不上,就先收起来了。
安装好之后师傅说:“我再给你调成桥接模式,你用你的路由器拨号就行了,趁这个功夫先签个字吧”
我接过他的手机签字还给他,然后去重启路由器,这才发现路由器的指示灯死活不亮。换到下面的插排上才重新点亮,一度以为是机柜的ptu坏了,这就尴尬了。
师傅看了下链接状态正常之后就走了,整体用了不到半个小时。
测速还是ok的,虽然是千兆,实际跑下来800多。
不过走了之后我发现了另外一个问题,那就是博客打不开了。重启路由器无效,依然打不开。自己折腾了半个小时就快一点了,饭还没来的急吃,赶紧吃点东西回公司,不然被发现不在公司又是各种事b要折腾了。
直到下午联系上scdn的售后,把域名改成ip发现一切都好使了。但是重新拨号更换ip之后依然会断很长时间,即使ddns已经更新了,但是cdn的节点解析貌似刷新的非常慢。
终于折腾好之后,另外一个问题出现了,freshrss一直提示错误,但是这个错误也很奇怪。502 等等的各种错误,就是不报具体的原因。
晚上回来之后重启服务器,发现还是一样的问题。并且上面跑的另外一个博客服务访问失败。看nginx错误日志是:
tail h4ck.error.log 2024/05/29 21:04:23 [error] 3264#0: *1 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 192.168.1.5, server: h4ck.org.cn, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-cgi.sock:", host: "h4ck.org.cn" 2024/05/29 21:05:03 [error] 3264#0: *1 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 192.168.1.5, server: h4ck.org.cn, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-cgi.sock:", host: "h4ck.org.cn"
表面上是php-cgi的问题,看php错误是:
[29-May-2024 20:57:43] NOTICE: [pool www] child 3174 started [29-May-2024 21:00:33] WARNING: [pool www] child 2544, script '/home/wwwroot/h4ck.org.cn/index.php' (request: "GET ") execution timed out (30.151471 sec), terminating [29-May-2024 21:00:33] WARNING: [pool www] child 2544 exited on signal 15 (SIGTERM) after 3040.428205 seconds from start [29-May-2024 21:00:33] NOTICE: [pool www] child 3198 started [29-May-2024 21:04:23] WARNING: [pool www] child 2545, script '/home/wwwroot/h4ck.org.cn/index.php' (request: "GET ") execution timed out (36.395989 sec), terminating [29-May-2024 21:04:23] WARNING: [pool www] child 2545 exited on signal 15 (SIGTERM) after 3270.448370 seconds from start [29-May-2024 21:04:23] NOTICE: [pool www] child 3431 started [29-May-2024 21:05:03] WARNING: [pool www] child 2546, script '/home/wwwroot/h4ck.org.cn/index.php' (request: "GET ") execution timed out (37.169543 sec), terminating [29-May-2024 21:05:03] WARNING: [pool www] child 2546 exited on signal 15 (SIGTERM) after 3310.446905 seconds from start [29-May-2024 21:05:03] NOTICE: [pool www] child 3434 started
执行超时了,但是这个超时就很奇怪啊,不应该话费几千秒,打开wp的debug,也没有错误提示。这尼玛,让人头大。同样freshrss一样的问题,此时才想到是不是iptabls防火墙的问题,倒是链接数据库挂了:
看了下记录,如果mysql直接drop了,并且还有多条重复的内容,把这茬给忘了:
obaby@hack:~$ sudo iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:https DROP tcp -- anywhere anywhere tcp dpt:mysql ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:https DROP tcp -- anywhere anywhere tcp dpt:mysql ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:https DROP tcp -- anywhere anywhere tcp dpt:mysql ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:https DROP tcp -- anywhere anywhere tcp dpt:mysql ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:https DROP tcp -- anywhere anywhere tcp dpt:mysql ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:https DROP tcp -- anywhere anywhere tcp dpt:mysql ACCEPT icmp -- anywhere anywhere icmp echo-request DROP tcp -- anywhere anywhere tcp dpt:redis ACCEPT tcp -- anywhere anywhere tcp dpt:mysql Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- 10.1.0.0/16 anywhere /* generated for MicroK8s pods */ ACCEPT all -- anywhere 10.1.0.0/16 /* generated for MicroK8s pods */ ACCEPT all -- 10.1.0.0/16 anywhere /* generated for MicroK8s pods */ ACCEPT all -- anywhere 10.1.0.0/16 /* generated for MicroK8s pods */ Chain OUTPUT (policy ACCEPT) target prot opt source destination
清空规则,开放3306一切都ok了。
但是连不上数据库wp没报错,freshrss也没报错,这个就很离谱。数据库都连不上还执行查询,执行个寂寞啊?
终于,最后一切问题还是解决啦,博客也恢复了:
当然,最主要的还是手机流量够用了,即使是上班用也差不多足够啦。
