Date: Thu, 29 May 2008 20:07:18 -0700 From: Doug Barton <dougb@FreeBSD.org> To: Robert Blayzor <rblayzor.bulk@inoc.net> Cc: freebsd-stable@freebsd.org Subject: Re: Sockets stuck in FIN_WAIT_1 Message-ID: <483F6F66.4050909@FreeBSD.org> In-Reply-To: <EB975E1A-7995-4214-A2CC-AE2D789B19AB@inoc.net> References: <B42F9BDF-1E00-45FF-BD88-5A07B5B553DC@inoc.net> <1A19ABA2-61CD-4D92-A08D-5D9650D69768@mac.com> <23C02C8B-281A-4ABD-8144-3E25E36EDAB4@inoc.net> <483DE2E0.90003@FreeBSD.org> <B775700E-7494-42C1-A9B2-A600CE176ACB@inoc.net> <483E36CE.3060400@FreeBSD.org> <483E3C26.3060103@paradise.net.nz> <483E4657.9060906@FreeBSD.org> <483EA513.4070409@earthlink.net> <96AFE8D3-7EAC-4A4A-8EFF-35A5DCEC6426@inoc.net> <483EAED1.2050404@FreeBSD.org> <200805291912.m4TJCG56025525@apollo.backplane.com> <14DA211A-A9C5-483A-8CB9-886E5B19A840@inoc.net> <200805291930.m4TJUeGX025815@apollo.backplane.com> <0C827F66-09CE-476D-86E9-146AB255926B@inoc.net> <200805292132.m4TLWhCv026720@apollo.backplane.com> <CCBAEE3E-35A5-4BF8-A0B7-321272533B62@inoc.net> <200805300055.m4U0tkqx027965@apollo.backplane.com> <EB975E1A-7995-4214-A2CC-AE2D789B19AB@inoc.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Robert Blayzor wrote:
> On May 29, 2008, at 8:55 PM, Matthew Dillon wrote:
>> It's got to a be a bug on the client(s) in question. I can't think
>> of anything else. You may have to resort to injecting a TCP RST
>> packet (e.g. via a TUN device) to clear the connections.
>
>
>
> That would be most unpleasant... and also seems like some sort of
> exploit if a client and run a server out of socket buffers so easily.
There are way more exciting things about a web server to exploit. :)
> On a side note, I may be onto something... The server traffic right now
> is calming down, but it picks up... I made a change to the IPFW rules
Hrrm, are you running ipfw ON the web server box? If so, I'd be
curious as to why, and whether or not the problem goes away if you
take IPFW out of the equation. If IPFW is running on another machine,
never mind.
Doug
--
This .signature sanitized for your protection
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?483F6F66.4050909>