Your connection to this site is not secure

原创 已于 2024-09-03 23:05:30 修改 · 1.6k 阅读 · 0 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
文章标签:

#android

于 2024-09-03 23:05:15 首次发布

chrome 打开某一个网站的网页地址栏提示Your connection to this site is not secure,同一个网站的其它地址栏打开不会

在这里插入图片描述

无效的方案

浏览器地址栏输入: chrome://flags
找到下边的选项,从Default改为Disabled即可成功解决

亲测这个方法不行

在这里插入图片描述

解决方案

点击右上角的3个点 -> 选择设置 -> 安全与隐私 -> 删除浏览器记录

在这里插入图片描述

在这里插入图片描述

《Python基础教程》内容总览篇(持续更新中)
weixin_43178406的博客
08-26 31万+
大家好,我是爱编程的喵喵。双985硕士毕业,现担任全栈工程师一职,热衷于将数据思维应用到工作与生活中。从事机器学习以及相关的前后端开发工作。曾在阿里云、科大讯飞、CCF等比赛获得多次Top名次。现为优快云博客专家、人工智能领域优质创作者。喜欢通过博客创作的方式对所学的知识进行总结与归纳,不仅形成深入且独到的理解,而且能够帮助新手快速入门。个人精心开设的《Python基础课程》专栏订阅量接近900,帮助不少同学解决了Bug。
edge浏览器加载页面时显示此站点的连接不安全解决方法
BB_belief的博客
07-27 1万+
edge浏览器加载页面时显示此站点的连接不安全解决方法
docker安装的 n8n提示Your n8n server is configured to use a secure cookie, however you are either visiting
满地找牙的博客
04-12 2913
将原来的docker n8n进行删除后即可通过一下方式重新安装,如安装完n8n,提示。
【n8n配置】使用Mac自带Safari启动n8n的docker时提示 “Your n8n server is configured to use a secure cookie”解决方案
qq_45750017的博客
10-26 1073
场景方案安全性本地测试方法三低本地长期使用方法一高线上部署使用 Nginx/Caddy 反向代理自动申请 HTTPS最高“secure cookie” 报错的根本原因是未使用 HTTPS。最简单的解决方法是为 n8n 启用自签名证书,让它自己以 HTTPS 方式启动。
搭建工作流自动化工具n8n并配置deepseek大模型
xuebodx0923的博客
04-04 5037
1. 摘要(发音为 "n-eight-n")是一个开源的图形化低代码工作流自动化工具,允许用户通过可视化界面连接不同的应用程序和服务,实现自动化任务。在linux服务器上,用docker安装n8n工作流自动化工具,用ollama私有化部署DeepSeek-R1-Distill-Qwen-1.5B。If you prefer to disable this security feature,set the environment variable N8N_SECURE_COOKIE to false,版本更新
HTTPS证书过期|SSL证书过期 |华硕路由器| NAS|Certtificate is not valid
更新一些计算机体系架构NoC,GEM5, AXI4,还有machine learning 的日常
06-21 3967
访问NAS提示https链接不安全,没有有效的SSL证书。Your connection to this site is not secure. ssl证书部分显示 Certificate is not Valid。重新生成一份新的let’s encrypt 证书, 并且NAS 导入更新后的证书即可。不止是路由器上的证书要更新,更要导入到NAS。...
踩坑记--Your connection to this site is not secure
ssunshining的博客
01-30 9418
在访问有的网站会提示 Your connection to this site is not secure You should not enter andy sensitive information on this site( for example, passwords or credit cards), because it could be stolen by attackers. 以至于无法打开。 解决方案: 浏览器打开:chrome://flags/ 搜索通过关键字找到下边的选
your connection to this site is not secure
晓强的技术博客
03-21 5611
your connection to this site is not secure when you see a website from your browser, but you know this site is really safe (for example, develop web app over https) thisisunsafe Just type in thisisun...
SSL Report: aivisionxskino.com (8.163.27.185) Assessed on: Wed, 16 Jul 2025 08:47:44 UTC | Hide | Clear cacheScan Another » Assessment failed: No secure protocols supported Known Problems There are some errors that we cannot fix properly in the current version. They will be addressed in the next generation version, which is currently being developed. No secure protocols supported - if you get this message, but you know that the site supports SSL, wait until the cache expires on its own, then try again, making sure the hostname you enter uses the "www" prefix (e.g., "www.ssllabs.com", not just "ssllabs.com"). no more data allowed for version 1 certificate - the certificate is invalid; it is declared as version 1, but uses extensions, which were introduced in version 3. Browsers might ignore this problem, but our parser is strict and refuses to proceed. We'll try to find a different parser to avoid this problem. Failed to obtain certificate and Internal Error - errors of this type will often be reported for servers that use connection rate limits or block connections in response to unusual traffic. Problems of this type are very difficult to diagnose. If you have access to the server being tested, before reporting a problem to us, please check that there is no rate limiting or IDS in place. NetScaler issues - some NetScaler versions appear to reject SSL handshakes that do not include certain suites or handshakes that use a few suites. If the test is failing and there is a NetScaler load balancer in place, that's most likely the reason. Unexpected failure - our tests are designed to fail when unusual results are observed. This usually happens when there are multiple TLS servers behind the same IP address. In such cases we can't provide accurate results, which is why we fail. Common Error Messages Connect timed out - server did not respond to our connection request, sometimes before we are dynamically blocked when our tests are detected No route to host - unable to reach the server Unable to connect to server - failed to connect to the server, it usually happens due to firewall restrictions Connection reset - we got disconnected from the server Unrecognized SSL message, plaintext connection? - the server responded with plain-text HTTP on HTTPS port Received fatal alert: handshake_failure - this is either a faulty SSL server or some other server listening on port 443; if the SSL version of the web site works in your browser, please report this issue to us Failed to communicate with the secure server - No secure protocol supported. Possibly this server only supports a draft version of TLS 1.3 SSL Report v2.4.1 比较上一次的信息,再分析下原因
07-17
我们正在处理IIS服务器SSL/TLS配置问题,具体是SSL Labs报告中显示"No secure protocols supported"(不支持安全协议)和证书版本错误。 根据引用[1]:Windows对SSL/TLS协议的支持与SCHANNEL组件绑定。因此,如果...
Kconfig如下 开启哪些可以配置tcp_delack_min # # IP configuration # config IP_MULTICAST bool "IP: multicasting" help This is code for addressing several networked computers at once, enlarging your kernel by about 2 KB. You need multicasting if you intend to participate in the MBONE, a high bandwidth network on top of the Internet which carries audio and video broadcasts. More information about the MBONE is on the WWW at <http://www.savetz.com/mbone/>. For most people, it's safe to say N. config IP_ADVANCED_ROUTER bool "IP: advanced router" ---help--- If you intend to run your Linux box mostly as a router, i.e. as a computer that forwards and redistributes network packets, say Y; you will then be presented with several options that allow more precise control about the routing process. The answer to this question won't directly affect the kernel: answering N will just cause the configurator to skip all the questions about advanced routing. Note that your box can only act as a router if you enable IP forwarding in your kernel; you can do that by saying Y to "/proc file system support" and "Sysctl support" below and executing the line echo "1" > /proc/sys/net/ipv4/ip_forward at boot time after the /proc file system has been mounted. If you turn on IP forwarding, you should consider the rp_filter, which automatically rejects incoming packets if the routing table entry for their source address doesn't match the network interface they're arriving on. This has security advantages because it prevents the so-called IP spoofing, however it can pose problems if you use asymmetric routing (packets from you to a host take a different path than packets from that host to you) or if you operate a non-routing host which has several IP addresses on different interfaces. To turn rp_filter on use: echo 1 > /proc/sys/net/ipv4/conf/<device>/rp_filter or echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter Note that some distributions enable it in startup scripts. For details about rp_filter strict and loose mode read <file:Documentation/networking/ip-sysctl.txt>. If unsure, say N here. config IP_FIB_TRIE_STATS bool "FIB TRIE statistics" depends on IP_ADVANCED_ROUTER ---help--- Keep track of statistics on structure of FIB TRIE table. Useful for testing and measuring TRIE performance. config IP_MULTIPLE_TABLES bool "IP: policy routing" depends on IP_ADVANCED_ROUTER select FIB_RULES ---help--- Normally, a router decides what to do with a received packet based solely on the packet's final destination address. If you say Y here, the Linux router will also be able to take the packet's source address into account. Furthermore, the TOS (Type-Of-Service) field of the packet can be used for routing decisions as well. If you need more information, see the Linux Advanced Routing and Traffic Control documentation at <http://lartc.org/howto/lartc.rpdb.html> If unsure, say N. config IP_ROUTE_MULTIPATH bool "IP: equal cost multipath" depends on IP_ADVANCED_ROUTER help Normally, the routing tables specify a single action to be taken in a deterministic manner for a given packet. If you say Y here however, it becomes possible to attach several actions to a packet pattern, in effect specifying several alternative paths to travel for those packets. The router considers all these paths to be of equal "cost" and chooses one of them in a non-deterministic fashion if a matching packet arrives. config IP_ROUTE_VERBOSE bool "IP: verbose route monitoring" depends on IP_ADVANCED_ROUTER help If you say Y here, which is recommended, then the kernel will print verbose messages regarding the routing, for example warnings about received packets which look strange and could be evidence of an attack or a misconfigured system somewhere. The information is handled by the klogd daemon which is responsible for kernel messages ("man klogd"). config IP_ROUTE_CLASSID bool config IP_PNP bool "IP: kernel level autoconfiguration" help This enables automatic configuration of IP addresses of devices and of the routing table during kernel boot, based on either information supplied on the kernel command line or by BOOTP or RARP protocols. You need to say Y only for diskless machines requiring network access to boot (in which case you want to say Y to "Root file system on NFS" as well), because all other machines configure the network in their startup scripts. config IP_PNP_DHCP bool "IP: DHCP support" depends on IP_PNP ---help--- If you want your Linux box to mount its whole root file system (the one containing the directory /) from some other computer over the net via NFS and you want the IP address of your computer to be discovered automatically at boot time using the DHCP protocol (a special protocol designed for doing this job), say Y here. In case the boot ROM of your network card was designed for booting Linux and does DHCP itself, providing all necessary information on the kernel command line, you can say N here. If unsure, say Y. Note that if you want to use DHCP, a DHCP server must be operating on your network. Read <file:Documentation/filesystems/nfs/nfsroot.txt> for details. config IP_PNP_BOOTP bool "IP: BOOTP support" depends on IP_PNP ---help--- If you want your Linux box to mount its whole root file system (the one containing the directory /) from some other computer over the net via NFS and you want the IP address of your computer to be discovered automatically at boot time using the BOOTP protocol (a special protocol designed for doing this job), say Y here. In case the boot ROM of your network card was designed for booting Linux and does BOOTP itself, providing all necessary information on the kernel command line, you can say N here. If unsure, say Y. Note that if you want to use BOOTP, a BOOTP server must be operating on your network. Read <file:Documentation/filesystems/nfs/nfsroot.txt> for details. config IP_PNP_RARP bool "IP: RARP support" depends on IP_PNP help If you want your Linux box to mount its whole root file system (the one containing the directory /) from some other computer over the net via NFS and you want the IP address of your computer to be discovered automatically at boot time using the RARP protocol (an older protocol which is being obsoleted by BOOTP and DHCP), say Y here. Note that if you want to use RARP, a RARP server must be operating on your network. Read <file:Documentation/filesystems/nfs/nfsroot.txt> for details. config NET_IPIP tristate "IP: tunneling" select INET_TUNNEL select NET_IP_TUNNEL ---help--- Tunneling means encapsulating data of one protocol type within another protocol and sending it over a channel that understands the encapsulating protocol. This particular tunneling driver implements encapsulation of IP within IP, which sounds kind of pointless, but can be useful if you want to make your (or some other) machine appear on a different network than it physically is, or to use mobile-IP facilities (allowing laptops to seamlessly move between networks without changing their IP addresses). Saying Y to this option will produce two modules ( = code which can be inserted in and removed from the running kernel whenever you want). Most people won't need this and can say N. config NET_IPGRE_DEMUX tristate "IP: GRE demultiplexer" help This is helper module to demultiplex GRE packets on GRE version field criteria. Required by ip_gre and pptp modules. config NET_IP_TUNNEL tristate select DST_CACHE select GRO_CELLS default n config NET_IPGRE tristate "IP: GRE tunnels over IP" depends on (IPV6 || IPV6=n) && NET_IPGRE_DEMUX select NET_IP_TUNNEL help Tunneling means encapsulating data of one protocol type within another protocol and sending it over a channel that understands the encapsulating protocol. This particular tunneling driver implements GRE (Generic Routing Encapsulation) and at this time allows encapsulating of IPv4 or IPv6 over existing IPv4 infrastructure. This driver is useful if the other endpoint is a Cisco router: Cisco likes GRE much better than the other Linux tunneling driver ("IP tunneling" above). In addition, GRE allows multicast redistribution through the tunnel. config NET_IPGRE_BROADCAST bool "IP: broadcast GRE over IP" depends on IP_MULTICAST && NET_IPGRE help One application of GRE/IP is to construct a broadcast WAN (Wide Area Network), which looks like a normal Ethernet LAN (Local Area Network), but can be distributed all over the Internet. If you want to do that, say Y here and to "IP multicast routing" below. config IP_MROUTE_COMMON bool depends on IP_MROUTE || IPV6_MROUTE config IP_MROUTE bool "IP: multicast routing" depends on IP_MULTICAST select IP_MROUTE_COMMON help This is used if you want your machine to act as a router for IP packets that have several destination addresses. It is needed on the MBONE, a high bandwidth network on top of the Internet which carries audio and video broadcasts. In order to do that, you would most likely run the program mrouted. If you haven't heard about it, you don't need it. config IP_MROUTE_MULTIPLE_TABLES bool "IP: multicast policy routing" depends on IP_MROUTE && IP_ADVANCED_ROUTER select FIB_RULES help Normally, a multicast router runs a userspace daemon and decides what to do with a multicast packet based on the source and destination addresses. If you say Y here, the multicast router will also be able to take interfaces and packet marks into account and run multiple instances of userspace daemons simultaneously, each one handling a single table. If unsure, say N. config IP_PIMSM_V1 bool "IP: PIM-SM version 1 support" depends on IP_MROUTE help Kernel side support for Sparse Mode PIM (Protocol Independent Multicast) version 1. This multicast routing protocol is used widely because Cisco supports it. You need special software to use it (pimd-v1). Please see <http://netweb.usc.edu/pim/> for more information about PIM. Say Y if you want to use PIM-SM v1. Note that you can say N here if you just want to use Dense Mode PIM. config IP_PIMSM_V2 bool "IP: PIM-SM version 2 support" depends on IP_MROUTE help Kernel side support for Sparse Mode PIM version 2. In order to use this, you need an experimental routing daemon supporting it (pimd or gated-5). This routing protocol is not used widely, so say N unless you want to play with it. config SYN_COOKIES bool "IP: TCP syncookie support" ---help--- Normal TCP/IP networking is open to an attack known as "SYN flooding". This denial-of-service attack prevents legitimate remote users from being able to connect to your computer during an ongoing attack and requires very little work from the attacker, who can operate from anywhere on the Internet. SYN cookies provide protection against this type of attack. If you say Y here, the TCP/IP stack will use a cryptographic challenge protocol known as "SYN cookies" to enable legitimate users to continue to connect, even when your machine is under attack. There is no need for the legitimate users to change their TCP/IP software; SYN cookies work transparently to them. For technical information about SYN cookies, check out <http://cr.yp.to/syncookies.html>. If you are SYN flooded, the source address reported by the kernel is likely to have been forged by the attacker; it is only reported as an aid in tracing the packets to their actual source and should not be taken as absolute truth. SYN cookies may prevent correct error reporting on clients when the server is really overloaded. If this happens frequently better turn them off. If you say Y here, you can disable SYN cookies at run time by saying Y to "/proc file system support" and "Sysctl support" below and executing the command echo 0 > /proc/sys/net/ipv4/tcp_syncookies after the /proc file system has been mounted. If unsure, say N. config NET_IPVTI tristate "Virtual (secure) IP: tunneling" depends on IPV6 || IPV6=n select INET_TUNNEL select NET_IP_TUNNEL depends on INET_XFRM_MODE_TUNNEL ---help--- Tunneling means encapsulating data of one protocol type within another protocol and sending it over a channel that understands the encapsulating protocol. This can be used with xfrm mode tunnel to give the notion of a secure tunnel for IPSEC and then use routing protocol on top. config NET_UDP_TUNNEL tristate select NET_IP_TUNNEL default n config NET_FOU tristate "IP: Foo (IP protocols) over UDP" select XFRM select NET_UDP_TUNNEL ---help--- Foo over UDP allows any IP protocol to be directly encapsulated over UDP include tunnels (IPIP, GRE, SIT). By encapsulating in UDP network mechanisms and optimizations for UDP (such as ECMP and RSS) can be leveraged to provide better service. config NET_FOU_IP_TUNNELS bool "IP: FOU encapsulation of IP tunnels" depends on NET_IPIP || NET_IPGRE || IPV6_SIT select NET_FOU ---help--- Allow configuration of FOU or GUE encapsulation for IP tunnels. When this option is enabled IP tunnels can be configured to use FOU or GUE encapsulation. config INET_AH tristate "IP: AH transformation" select XFRM_ALGO select CRYPTO select CRYPTO_HMAC select CRYPTO_MD5 select CRYPTO_SHA1 ---help--- Support for IPsec AH. If unsure, say Y. config INET_ESP tristate "IP: ESP transformation" select XFRM_ALGO select CRYPTO select CRYPTO_AUTHENC select CRYPTO_HMAC select CRYPTO_MD5 select CRYPTO_CBC select CRYPTO_SHA1 select CRYPTO_DES select CRYPTO_ECHAINIV ---help--- Support for IPsec ESP. If unsure, say Y. config INET_ESP_OFFLOAD tristate "IP: ESP transformation offload" depends on INET_ESP select XFRM_OFFLOAD default n ---help--- Support for ESP transformation offload. This makes sense only if this system really does IPsec and want to do it with high throughput. A typical desktop system does not need it, even if it does IPsec. If unsure, say N. config INET_IPCOMP tristate "IP: IPComp transformation" select INET_XFRM_TUNNEL select XFRM_IPCOMP ---help--- Support for IP Payload Compression Protocol (IPComp) (RFC3173), typically needed for IPsec. If unsure, say Y. config INET_TABLE_PERTURB_ORDER int "INET: Source port perturbation table size (as power of 2)" if EXPERT default 16 help Source port perturbation table size (as power of 2) for RFC 6056 3.3.4. Algorithm 4: Double-Hash Port Selection Algorithm. The default is almost always what you want. Only change this if you know what you are doing. config INET_XFRM_TUNNEL tristate select INET_TUNNEL default n config INET_TUNNEL tristate default n config INET_XFRM_MODE_TRANSPORT tristate "IP: IPsec transport mode" default y select XFRM ---help--- Support for IPsec transport mode. If unsure, say Y. config INET_XFRM_MODE_TUNNEL tristate "IP: IPsec tunnel mode" default y select XFRM ---help--- Support for IPsec tunnel mode. If unsure, say Y. config INET_XFRM_MODE_BEET tristate "IP: IPsec BEET mode" default y select XFRM ---help--- Support for IPsec BEET mode. If unsure, say Y. config INET_DIAG tristate "INET: socket monitoring interface" default y ---help--- Support for INET (TCP, DCCP, etc) socket monitoring interface used by native Linux tools such as ss. ss is included in iproute2, currently downloadable at: http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2 If unsure, say Y. config INET_TCP_DIAG depends on INET_DIAG def_tristate INET_DIAG config INET_UDP_DIAG tristate "UDP: socket monitoring interface" depends on INET_DIAG && (IPV6 || IPV6=n) default n ---help--- Support for UDP socket monitoring interface used by the ss tool. If unsure, say Y. config INET_RAW_DIAG tristate "RAW: socket monitoring interface" depends on INET_DIAG && (IPV6 || IPV6=n) default n ---help--- Support for RAW socket monitoring interface used by the ss tool. If unsure, say Y. config INET_DIAG_DESTROY bool "INET: allow privileged process to administratively close sockets" depends on INET_DIAG default n ---help--- Provides a SOCK_DESTROY operation that allows privileged processes (e.g., a connection manager or a network administration tool such as ss) to close sockets opened by other processes. Closing a socket in this way interrupts any blocking read/write/connect operations on the socket and causes future socket calls to behave as if the socket had been disconnected. If unsure, say N. menuconfig TCP_CONG_ADVANCED bool "TCP: advanced congestion control" ---help--- Support for selection of various TCP congestion control modules. Nearly all users can safely say no here, and a safe default selection will be made (CUBIC with new Reno as a fallback). If unsure, say N. if TCP_CONG_ADVANCED config TCP_CONG_BIC tristate "Binary Increase Congestion (BIC) control" default m ---help--- BIC-TCP is a sender-side only change that ensures a linear RTT fairness under large windows while offering both scalability and bounded TCP-friendliness. The protocol combines two schemes called additive increase and binary search increase. When the congestion window is large, additive increase with a large increment ensures linear RTT fairness as well as good scalability. Under small congestion windows, binary search increase provides TCP friendliness. See http://www.csc.ncsu.edu/faculty/rhee/export/bitcp/ config TCP_CONG_CUBIC tristate "CUBIC TCP" default y ---help--- This is version 2.0 of BIC-TCP which uses a cubic growth function among other techniques. See http://www.csc.ncsu.edu/faculty/rhee/export/bitcp/cubic-paper.pdf config TCP_CONG_WESTWOOD tristate "TCP Westwood+" default m ---help--- TCP Westwood+ is a sender-side only modification of the TCP Reno protocol stack that optimizes the performance of TCP congestion control. It is based on end-to-end bandwidth estimation to set congestion window and slow start threshold after a congestion episode. Using this estimation, TCP Westwood+ adaptively sets a slow start threshold and a congestion window which takes into account the bandwidth used at the time congestion is experienced. TCP Westwood+ significantly increases fairness wrt TCP Reno in wired networks and throughput over wireless links. config TCP_CONG_HTCP tristate "H-TCP" default m ---help--- H-TCP is a send-side only modifications of the TCP Reno protocol stack that optimizes the performance of TCP congestion control for high speed network links. It uses a modeswitch to change the alpha and beta parameters of TCP Reno based on network conditions and in a way so as to be fair with other Reno and H-TCP flows. config TCP_CONG_HSTCP tristate "High Speed TCP" default n ---help--- Sally Floyd's High Speed TCP (RFC 3649) congestion control. A modification to TCP's congestion control mechanism for use with large congestion windows. A table indicates how much to increase the congestion window by when an ACK is received. For more detail see http://www.icir.org/floyd/hstcp.html config TCP_CONG_HYBLA tristate "TCP-Hybla congestion control algorithm" default n ---help--- TCP-Hybla is a sender-side only change that eliminates penalization of long-RTT, large-bandwidth connections, like when satellite legs are involved, especially when sharing a common bottleneck with normal terrestrial connections. config TCP_CONG_VEGAS tristate "TCP Vegas" default n ---help--- TCP Vegas is a sender-side only change to TCP that anticipates the onset of congestion by estimating the bandwidth. TCP Vegas adjusts the sending rate by modifying the congestion window. TCP Vegas should provide less packet loss, but it is not as aggressive as TCP Reno. config TCP_CONG_NV tristate "TCP NV" default n ---help--- TCP NV is a follow up to TCP Vegas. It has been modified to deal with 10G networks, measurement noise introduced by LRO, GRO and interrupt coalescence. In addition, it will decrease its cwnd multiplicatively instead of linearly. Note that in general congestion avoidance (cwnd decreased when # packets queued grows) cannot coexist with congestion control (cwnd decreased only when there is packet loss) due to fairness issues. One scenario when they can coexist safely is when the CA flows have RTTs << CC flows RTTs. For further details see http://www.brakmo.org/networking/tcp-nv/ config TCP_CONG_SCALABLE tristate "Scalable TCP" default n ---help--- Scalable TCP is a sender-side only change to TCP which uses a MIMD congestion control algorithm which has some nice scaling properties, though is known to have fairness issues. See http://www.deneholme.net/tom/scalable/ config TCP_CONG_LP tristate "TCP Low Priority" default n ---help--- TCP Low Priority (TCP-LP), a distributed algorithm whose goal is to utilize only the excess network bandwidth as compared to the ``fair share`` of bandwidth as targeted by TCP. See http://www-ece.rice.edu/networks/TCP-LP/ config TCP_CONG_VENO tristate "TCP Veno" default n ---help--- TCP Veno is a sender-side only enhancement of TCP to obtain better throughput over wireless networks. TCP Veno makes use of state distinguishing to circumvent the difficult judgment of the packet loss type. TCP Veno cuts down less congestion window in response to random loss packets. See <http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=1177186> config TCP_CONG_YEAH tristate "YeAH TCP" select TCP_CONG_VEGAS default n ---help--- YeAH-TCP is a sender-side high-speed enabled TCP congestion control algorithm, which uses a mixed loss/delay approach to compute the congestion window. It's design goals target high efficiency, internal, RTT and Reno fairness, resilience to link loss while keeping network elements load as low as possible. For further details look here: http://wil.cs.caltech.edu/pfldnet2007/paper/YeAH_TCP.pdf config TCP_CONG_ILLINOIS tristate "TCP Illinois" default n ---help--- TCP-Illinois is a sender-side modification of TCP Reno for high speed long delay links. It uses round-trip-time to adjust the alpha and beta parameters to achieve a higher average throughput and maintain fairness. For further details see: http://www.ews.uiuc.edu/~shaoliu/tcpillinois/index.html config TCP_CONG_DCTCP tristate "DataCenter TCP (DCTCP)" default n ---help--- DCTCP leverages Explicit Congestion Notification (ECN) in the network to provide multi-bit feedback to the end hosts. It is designed to provide: - High burst tolerance (incast due to partition/aggregate), - Low latency (short flows, queries), - High throughput (continuous data updates, large file transfers) with commodity, shallow-buffered switches. All switches in the data center network running DCTCP must support ECN marking and be configured for marking when reaching defined switch buffer thresholds. The default ECN marking threshold heuristic for DCTCP on switches is 20 packets (30KB) at 1Gbps, and 65 packets (~100KB) at 10Gbps, but might need further careful tweaking. For further details see: http://simula.stanford.edu/~alizade/Site/DCTCP_files/dctcp-final.pdf config TCP_CONG_CDG tristate "CAIA Delay-Gradient (CDG)" default n ---help--- CAIA Delay-Gradient (CDG) is a TCP congestion control that modifies the TCP sender in order to: o Use the delay gradient as a congestion signal. o Back off with an average probability that is independent of the RTT. o Coexist with flows that use loss-based congestion control. o Tolerate packet loss unrelated to congestion. For further details see: D.A. Hayes and G. Armitage. "Revisiting TCP congestion control using delay gradients." In Networking 2011. Preprint: http://goo.gl/No3vdg config TCP_CONG_BBR tristate "BBR TCP" default n ---help--- BBR (Bottleneck Bandwidth and RTT) TCP congestion control aims to maximize network utilization and minimize queues. It builds an explicit model of the the bottleneck delivery rate and path round-trip propagation delay. It tolerates packet loss and delay unrelated to congestion. It can operate over LAN, WAN, cellular, wifi, or cable modem links. It can coexist with flows that use loss-based congestion control, and can operate with shallow buffers, deep buffers, bufferbloat, policers, or AQM schemes that do not provide a delay signal. It requires the fq ("Fair Queue") pacing packet scheduler. #if defined(CONFIG_BCM_KF_MPTCP) && defined(CONFIG_BCM_MPTCP) config TCP_CONG_LIA tristate "MPTCP Linked Increase" depends on MPTCP default n ---help--- MultiPath TCP Linked Increase Congestion Control To enable it, just put 'lia' in tcp_congestion_control config TCP_CONG_OLIA tristate "MPTCP Opportunistic Linked Increase" depends on MPTCP default n ---help--- MultiPath TCP Opportunistic Linked Increase Congestion Control To enable it, just put 'olia' in tcp_congestion_control config TCP_CONG_WVEGAS tristate "MPTCP WVEGAS CONGESTION CONTROL" depends on MPTCP default n ---help--- wVegas congestion control for MPTCP To enable it, just put 'wvegas' in tcp_congestion_control config TCP_CONG_BALIA tristate "MPTCP BALIA CONGESTION CONTROL" depends on MPTCP default n ---help--- Multipath TCP Balanced Linked Adaptation Congestion Control To enable it, just put 'balia' in tcp_congestion_control config TCP_CONG_MCTCPDESYNC tristate "DESYNCHRONIZED MCTCP CONGESTION CONTROL (EXPERIMENTAL)" depends on MPTCP default n ---help--- Desynchronized MultiChannel TCP Congestion Control. This is experimental code that only supports single path and must have set mptcp_ndiffports larger than one. To enable it, just put 'mctcpdesync' in tcp_congestion_control For further details see: http://ieeexplore.ieee.org/abstract/document/6911722/ https://doi.org/10.1016/j.comcom.2015.07.010 #endif choice prompt "Default TCP congestion control" default DEFAULT_CUBIC help Select the TCP congestion control that will be used by default for all connections. config DEFAULT_BIC bool "Bic" if TCP_CONG_BIC=y config DEFAULT_CUBIC bool "Cubic" if TCP_CONG_CUBIC=y config DEFAULT_HTCP bool "Htcp" if TCP_CONG_HTCP=y config DEFAULT_HYBLA bool "Hybla" if TCP_CONG_HYBLA=y config DEFAULT_VEGAS bool "Vegas" if TCP_CONG_VEGAS=y config DEFAULT_VENO bool "Veno" if TCP_CONG_VENO=y config DEFAULT_WESTWOOD bool "Westwood" if TCP_CONG_WESTWOOD=y config DEFAULT_DCTCP bool "DCTCP" if TCP_CONG_DCTCP=y config DEFAULT_CDG bool "CDG" if TCP_CONG_CDG=y config DEFAULT_BBR bool "BBR" if TCP_CONG_BBR=y #if defined(CONFIG_BCM_KF_MPTCP) && defined(CONFIG_BCM_MPTCP) config DEFAULT_LIA bool "Lia" if TCP_CONG_LIA=y config DEFAULT_OLIA bool "Olia" if TCP_CONG_OLIA=y config DEFAULT_WVEGAS bool "Wvegas" if TCP_CONG_WVEGAS=y config DEFAULT_BALIA bool "Balia" if TCP_CONG_BALIA=y config DEFAULT_MCTCPDESYNC bool "Mctcpdesync (EXPERIMENTAL)" if TCP_CONG_MCTCPDESYNC=y #endif config DEFAULT_RENO bool "Reno" endchoice endif config TCP_CONG_CUBIC tristate depends on !TCP_CONG_ADVANCED default y config DEFAULT_TCP_CONG string default "bic" if DEFAULT_BIC default "cubic" if DEFAULT_CUBIC default "htcp" if DEFAULT_HTCP default "hybla" if DEFAULT_HYBLA default "vegas" if DEFAULT_VEGAS default "westwood" if DEFAULT_WESTWOOD default "veno" if DEFAULT_VENO #if defined(CONFIG_BCM_KF_MPTCP) && defined(CONFIG_BCM_MPTCP) default "lia" if DEFAULT_LIA default "olia" if DEFAULT_OLIA default "wvegas" if DEFAULT_WVEGAS default "balia" if DEFAULT_BALIA #endif default "reno" if DEFAULT_RENO default "dctcp" if DEFAULT_DCTCP default "cdg" if DEFAULT_CDG default "bbr" if DEFAULT_BBR default "cubic" config TCP_MD5SIG bool "TCP: MD5 Signature Option support (RFC2385)" select CRYPTO select CRYPTO_MD5 ---help--- RFC2385 specifies a method of giving MD5 protection to TCP sessions. Its main (only?) use is to protect BGP sessions between core routers on the Internet. If unsure, say N.
最新发布
10-29
It's part of the TCP stack configuration, not directly tied to specific networking features like routing or tunneling. Looking at the provided Kconfig snippet, I notice it covers various IP and TCP ...
[root@VM-20-5-opencloudos learning_log]# python3 manage.py check --deploy System check identified some issues: WARNINGS: ?: (security.W004) You have not set a value for the SECURE_HSTS_SECONDS setting. If your entire site is served only over SSL, you may want to consider setting a value and enabling HTTP Strict Transport Security. Be sure to read the documentation first; enabling HSTS carelessly can cause serious, irreversible problems. ?: (security.W008) Your SECURE_SSL_REDIRECT setting is not set to True. Unless your site should be available over both SSL and non-SSL connections, you may want to either set this setting True or configure a load balancer or reverse-proxy server to redirect all connections to HTTPS. ?: (security.W009) Your SECRET_KEY has less than 50 characters, less than 5 unique characters, or it's prefixed with 'django-insecure-' indicating that it was generated automatically by Django. Please generate a long and random value, otherwise many of Django's security-critical features will be vulnerable to attack. ?: (security.W012) SESSION_COOKIE_SECURE is not set to True. Using a secure-only session cookie makes it more difficult for network traffic sniffers to hijack user sessions. ?: (security.W016) You have 'django.middleware.csrf.CsrfViewMiddleware' in your MIDDLEWARE, but you have not set CSRF_COOKIE_SECURE to True. Using a secure-only CSRF cookie makes it more difficult for network traffic sniffers to steal the CSRF token. ?: (security.W018) You should not have DEBUG set to True in deployment. System check identified 6 issues (0 silenced). [root@VM-20-5-opencloudos learning_log]# curl -v -H "Host: 127.0.0.1" http://127.0.0.1:5000 * Trying 127.0.0.1:5000... * connect to 127.0.0.1 port 5000 failed: Connection refused * Failed to connect to 127.0.0.1 port 5000 after 0 ms: Couldn't connect to server * Closing connection curl: (7) Failed to connect to 127.0.0.1 port 5000 after 0 ms: Couldn't connect to server [root@VM-20-5-opencloudos learning_log]# uwsgi --ini uwsgi.ini [uWSGI] getting INI configuration from uwsgi.ini [root@VM-20-5-opencloudos learning_log]# ps aux | grep uwsgi root 78396 0.0 0.5 22248 11020 ? S 18:29 0:00 uwsgi --ini uwsgi.ini root 78397 5.1 2.1 129992 44244 ? Sl 18:29 0:00 uwsgi --ini uwsgi.ini root 78398 5.1 2.2 129992 44348 ? Sl 18:29 0:00 uwsgi --ini uwsgi.ini root 78399 0.0 0.4 26348 9620 ? S 18:29 0:00 uwsgi --ini uwsgi.ini root 78435 0.0 0.1 6460 2100 pts/0 S+ 18:29 0:00 grep --color=auto uwsgi [root@VM-20-5-opencloudos learning_log]# curl -v -H "Host: 127.0.0.1" http://127.0.0.1:5000 * Trying 127.0.0.1:5000... * Connected to 127.0.0.1 (127.0.0.1) port 5000 > GET / HTTP/1.1 > Host: 127.0.0.1 > User-Agent: curl/8.4.0 > Accept: */* > < HTTP/1.1 200 OK < Content-Type: text/html; charset=utf-8 < X-Frame-Options: DENY < Content-Length: 2621 < Vary: Cookie < X-Content-Type-Options: nosniff < Referrer-Policy: same-origin < Cross-Origin-Opener-Policy: same-origin < <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <title>Learning log</title> <link crossorigin="anonymous" href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" integrity="sha384-QWTKZyjpPEjISv5WaRU9OFeRpok6YctnYmDr5pNlyT2bRjXh0JMhjY6hW+ALEwIH" rel="stylesheet"> <script crossorigin="anonymous" integrity="sha384-YvpcrYf0tY3lHB60NNkmXc5s9fDVZLESaAA55NDzOxhy9GkcIdslK1eN7N6jIeHz" src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script> </head> <body> <nav class="navbar navbar-expand-md navbar-light bg-light mb-4 border"> <div class="container-fluid"> <a class="navbar-brand" href="/"> Learning Log</a> <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarCollapse" aria-controls="navbarCollapse" aria-expanded="false" aria-label="Toggle navigation"> <span class="navbar-toggler-icon"></span> </button> <div class="collapse navbar-collapse" id="navbarCollapse"> <ul class="navbar-nav me-auto mb-2 mb-md-0"> <li class="nav-item"> <a class="nav-link" href="/topics/"> Topics</a></li> </ul><!--定义导航栏左侧链接的代码到此结束--> <!--与账户相关的链接--> <ul class="navbar-nav ms-auto mb-2 mb-md-0"> <li class="nav-item"> <a class="nav-link" href="/accounts/register/"> Register</a></li> <li class="nav-item"> <a class="nav-link" href="/accounts/login/"> Log in</a></li> </ul><!--与账户相关的链接到此结束--> </div><!--定义导航栏可折叠部分的代码到此结束--> </div><!--定义导航栏容器的代码到此结束--> </nav><!--定义导航栏的代码到此结束--> <main class="container"> <div class="pb-2 mb-2 border-bottom"> <div class="p-3 mb-4 bg-light border rounded-3"> <div class="container-fluid py-4"> <h1 class="display-3">Track your learning.</h1> <p class="lead">Make your own Learning Log, and keep a list of topics you're learning about. Whenever you learn something new about a topic, make an entry summarizing what you're learned.</p> <a class="btn btn-primary btn-lg mt-1" href="/accounts/register/">Register »</a> </div> </div> </div> <div> </div> </main> </body> * Connection #0 to host 127.0.0.1 left intact </html>[root@VM-20-5-opencloudos learning_log]# sudo lsof -i :5000 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME uwsgi 78396 root 4u IPv4 443719 0t0 TCP *:commplex-main (LISTEN) uwsgi 78399 root 4u IPv4 443719 0t0 TCP *:commplex-main (LISTEN) [root@VM-20-5-opencloudos learning_log]# kill -9 pid bash: kill: pid: arguments must be process or job IDs [root@VM-20-5-opencloudos learning_log]#
09-16
# Nginx配置示例(/etc/nginx/sites-available/your_site) server { listen 80; server_name yourdomain.com; return 301 https://$host$request_uri; # HTTP重定向到HTTPS } server { listen 443 ssl; ...
Firefox禁止 “This Connection is not Secure“的警告提示
phplife的电子商务网上商城专栏
07-23 4250
Firefox如何禁止 "This Connection is not Secure"的警告提示
.net core 发布到linux出现Your connection is not secure的错误
weixin_33875564的博客
01-11 531
VS2017新建的一个项目发布到Linux,在浏览器输入 http://localhost:5000会自动跳到https://localhost:5001 出现Your connection is not secure的错误 解决方法: 在Progam.cs输入此段代码: var host = new WebHostBuilder() ...
疑难杂症篇(十四)--登陆“https://kali:8834/#/“出现“Your connection is not secure“问题的解决方案
FUXI_Willard
07-18 3370
问题描述: 在安装Nessus过程中,对Nessus进行初始化配置时,登陆"https://kali:8834/#/"时出现"Your connection is not secure."问题,网上给出的答案有:用https://127.0.0.1:8834登陆,或者将firefox中的security某个选项关闭,不知道小伙伴们用这两个方法能不能解决连接不安全的问题,我的是不可以的,下面给出另外一个解决方案。 问题展示:出现"Your connection is not secure."问题; 点
firefox火狐 "Your connection is not secure" "Secure Connection Failed" 问题解决
热门推荐
白衣
07-11 4万+
firefox火狐 "Your connection is not secure" 问题解决症状:进不去网站:firefox bing 登录不上去哪怕是确定不会出错的网站,比如昨晚还登的cn.bing.com 也被火狐拦下了:报错:Secure Connection Failed:原因:这是网站安全证书认证失败的结果,其原因有如下可能:1.自身网络有问题(导致获取/验证证书失败)2.)解决办法:参...
针对centos7系统中 的火狐浏览器 "Your connection is not secure",解决办法
jiangjiaqi6的博客
07-11 6527
1.先检查自己的系统时间是否正确,如果不正确可能是certificate过期,需要同步当前正确的时间。 2.centos7下修改系统时间和时区请参考文章: https://jingyan.baidu.com/article/455a99505aa79ea1662778a5.html ...
火狐浏览器:This Connection is not Secure
We get old too soon and wise too late
06-22 2149
Ref : https://www.ghacks.net/2017/06/13/firefox-disable-this-connection-is-not-secure-warnings/by MikeSun @ 20170622 Thur
解决谷歌网站Your connection is not private问题
p15097962069的博客
12-17 1967
解决谷歌网站Your connection is not private问题
彻底解决火狐浏览器总提示此连接不安全的问题
05-08 4192
如果你的火狐浏览器是最近更新的,那么访问所有没有使用https的网站,需要用户填写数据的地方都会提示此链接是不安全的,用户数据可能被窃取。 怎么查看火狐浏览器的版本信息呢?如图: 新开页面,在地址栏中输入:about:config 点开我了解风险,新页面搜索栏里输入:security.insecure_field_warning.contextual.enabled ...
评论
成就一亿技术人!
拼手气红包6.0元
还能输入1000个字符
 
红包 添加红包
表情包 插入表情
表情包 代码片
 条评论被折叠 查看
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值