Date: 01 Jun 1999 17:30:13 -0400 From: Sudish Joseph <sj@eng.mindspring.net> To: current@FreeBSD.ORG Subject: Re: net.inet.tcp.always_keepalive on as default ? Message-ID: <yviavhd7zk0q.fsf@ra.eng.mindspring.net> In-Reply-To: Poul-Henning Kamp's message of "Tue, 01 Jun 1999 22:12:02 %2B0200" References: <19990601130331.A21176@wopr.caltech.edu> <22394.928267922@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
Poul-Henning Kamp writes: > Mind you, this is only a problem because FreeBSD is to bloddy > stable: I logged into a customers server a few days a go, it had > been up for over a year, and had accumulated tons of ftpds from If this customer is using wu-ftpd, it's very possible that you saw daemons blocked inside of accept() for PASV data connections. We used to see the same behavior here wrt. ftpds hanging around and it was almost always the case that the socket was in the LISTEN state. The code (ftpd.c:dataconn()) was changed to time out the data connection establishment using select() before calling accept(). If the client doesn't connect within 15 minutes, we log the event and the daemon exits. A diff against our code wouldn't be helpful, since we've added our own ugly warts to it (but I'll do so if you want it). If this is indeed the same problem you're seeing, tcp keepalives won't help. I haven't looked at the FreeBSD ftpd code to see if the accept is timed out somehow to prevent this (possibly inadvertent) DOS attack. -- Sudish Joseph MindSpring Enterprises To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?yviavhd7zk0q.fsf>