Hi all! I have been looking for an answer to this issue for some time and cannot locate a good solution. I have a GNU/Linux machine (Fedora Core 2, kernel version 2.6.5-1.358) used as a gateway for wireless customers to connect and get redirected to our signup page. Several months ago, we started experiencing 100% CPU usage from this machine and `top` results show multiple `grep` commands as the culprit. These `grep` commands are owned by the `apache` user and, I believe, are being run when a 404 error occurs because of unsubscribed users’ attempts to retrieve WPAD files (wpad.dat, v8, pki).
The `grep` command itself looks for the MAC address of the user’s NIC (see commands below). I really hope someone has an answer or at least an idea of where I should look; I’m completed stumped on this one. Thanks in advance!
<code>
apache 3881 1495 0 13:10 ? 00:00:00 sh -c grep 10.255.236.188 /var/log/dhcpd.log* | grep “DHCPACK on 10.255.236.18
8” | tail -n 1
apache 3882 3881 4 13:10 ? 00:00:08 grep 10.255.236.188 /var/log/dhcpd.log /var/log/dhcpd.log.1 /var/log/dhcpd.log
.2 /var/log/dhcpd.log.3 /var/log/dhcpd.log.4 /var/log/dhcpd.log.5
apache 3883 3881 0 13:10 ? 00:00:00 grep DHCPACK on 10.255.236.188