Admins eHow SysAdmin Tips & Tricks

April 8, 2021

Resolving openconnect connection issues

Filed under: linux — Tags: , , , , — admin @ 4:43 am

Recently I have switched from OpenVPN to OpenConnect as my main VPN solution as somehow my ISP has blocked access to OpenVPN.
The first issue which I encountered was very familiar, connection hangs and a debug message like this “Failed to read from SSL socket: The transmitted packet is too large (EMSGSIZE)”, It was obvious to me that it has something to do with MTU settings so after some digging into docs I simply added the “–base-mtu 1450” argument to OpenConnect client and it resolved the first issue.
But the second issue was something much more baffling, some websites would work perfectly and some would hang in middle of loading or simply refuse to connect at all, after some more digging into forums, I found out the solution.

iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

More info :
https://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.cookbook.mtu-mss.html
https://www.linuxtopia.org/Linux_Firewall_iptables/x4700.html

August 22, 2014

Kill a process with high CPU usage in Linux

Filed under: linux — Tags: , , , , , — admin @ 5:19 pm

Sometimes you may need to kill hanged processes with high CPU usage automatically. the following script can help you to do it :

#!/bin/bash
PROCESSNAME=''
HL=10

IFS=$'\n'
L=$(ps aux | grep $PROCESSNAME)
for fn in $L; do
        PID=$(echo $fn | awk '{print $2'})
        LOAD=$(echo $fn | awk '{print $3'})
        if [ $(echo "$LOAD > $HL" | bc -l ) -eq 1 ]
        then
                kill -9 $PID
                echo "Killed $PID"
        fi
done

Set PROCESSNAME to the process name which you want to be checked and HL to high load threshold.
Please note the load is based what ‘ps’ command reports and not what you see inside ‘top’.

Powered by WordPress