netstat doesn't display full remote ip address, no ip address for ssl, port 443
We're running a Apache webserver on Arch Linux (build from May '10) and while monitoring connections with netstat we're seeing some odd connections on port 443 that don't report an IP address; is this cause for concern? We also don't don't get full ip addresses reported for remote hosts on 90% of our connections, we just get the first three portions of the IP, a period, and then the remote port. Any ideas on why either of these things is happening?
tcp 0 0 ::ffff:xxx.xxx.xxx.xxx:80 ::ffff:yyy.yyy.yyy.:60027 TIME_WAIT
tcp 0 0 ::ffff:xxx.xxx.xxx.xxx:80 ::ffff:yyy.yyy.yyy.:62145 TIME_WAIT
tcp 0 0 ::1:48439 ::1:443 TIME_WAIT
tcp 0 0 ::1:47370 ::1:443 TIME_WAIT
tcp 0 0 ::1:48413 ::1:443 TIME_WAIT
tcp 0 0 ::1:48563 ::1:443 TIME_WAIT
tcp 0 0 ::ffff:xxx.xxx.xxx.xxx:80 ::ffff:yyy.yyy.yyy.:62191 TIME_WAIT
tcp 0 0 ::ffff:xxx.xxx.xxx.xxx:443 ::ffff:yyy.yyy.yyy.:59667 TIME_WAIT
tcp 0 0 ::ffff:xxx.xxx.xxx.xxx:443 ::ffff:yyy.yyy.yyy.:59667 TIME_WAIT
tcp 0 0 ::ffff:xxx.xxx.xxx.xxx:80 ::ffff:yyy.yyy.yyy.:59667 TIME_WAIT
netstat -V yields:
# netstat -V
net-tools 1.60
netstat 1.42 (2001-04-15)
Fred Baumgarten, Alan Cox, Bernd Eckenfels, Phil Blundell, Tuan Hoang and others
+NEW_ADDRT +RTF_IRTT +RTF_REJECT +FW_MASQUERADE -I18N
AF: (inet) +UNIX +INET +INET6 +IPX +AX25 +NETROM +X25 +ATALK -ECONET -ROSE
HW: +ETHER +ARC +SLIP +PPP +TUNNEL +TR +AX25 +NETROM +X25 +FR -ROSE -ASH -SIT -FDDI -HIPPI -HDLC/LAPB
Solution 1:
::1 is a full [IPv6 address](::1 is a full IPv6 address, the rough equivalent of 127.0.0.1), the rough equivalent of 127.0.0.1 (localhost).
Solution 2:
You are seeing IPs addres that, but IPv6 address. Your pcs maybe are stablishn connections by IPv6 and by IPv4. Confirm that doing a ping6 to one client from the server.
If it responds and you dont like it you have to deleted the enable by default Ipv6 addressing.
::1 is the local host address.