
Re: 2.99.48 smtpserver won't accept()?




On Tue, 6 May 1997, Matti Aarnio wrote:

> > In case anyone else runs into this, I'll document the problem:
> > 
> > On Sat, 3 May 1997, I wrote:
> > > I just updated one of my Linux (2.0.26) systems from zmailer 2.99.38 to
> > > 2.99.48pl2.
> > > 
> > > Now the SMTP server won't accept any connections.  Strace shows it
> > > sitting in an accept() even after I've attempted to connect to it
> > > from a variety of machines.  The TCP connection actually never gets
> > > established.  It looks to me like there's something wrong with the
> > > bind() or some ioctl on the socket before the accept().
> > 
> > Matti figured it out.  I should have recognized the symptoms.  Prior to the
> > 2.0.27 Linux kernel, large arguments (larger than 8 bits - 255) caused
> > select() to hang and never return.  The new smtpserver is using
> > select(2000) to combat denial of service attacks.
> 
> 	Sorry, Andy mixed things.   It is   listen(sock, LIMIT)  where
> 	the limit value has traditionally been limited to 5, and on those
> 	systems that have it fixed, no matter how high the parameter is,
> 	it will be 5. (Or lower, minimum is 1, I think.)
> 
> 	With newer systems the LIMIT value can be higher, and I did reason
> 	that as my Linux 2.0.27 works just fine with 2000 (and is SYN-attack
> 	resilient), and Solaris 2.5.1 and DEC/UNIX work too, I should be
> 	"home free" with it.
> 
> 	It surprises me that  limit(sock, 2000)  is too high for Linux
> 	kernel version 2.0.26.
> 
> 	The whole exercise has been for getting the system to be SYN-attack
> 	resilient in the SMTP service -- at those systems capable to be such.
> 
> > -Andy
> > Global Auctions
> 
> 	/Matti Aarnio <mea@nic.funet.fi>

  I was wondering why smtpserver would be calling select() on incoming
connections, now I know :)

  BTW, BSD4.4 systems have a define in sys/socket.h called SOMAXCONN that
defines the maximum value for listen.  If the supplied param is bigger
than SOMAXCONN, it is set to SOMAXCONN.

  I'm pretty sure that Solaris does this too.  I really doubt that you are
actually getting a "real" 2000 entry listen queue :)

Tom
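
The backlog clamping discussed in this thread, as an added example that is not part of the original messages or of zmailer: on current Linux, listen() silently caps the backlog at the net.core.somaxconn sysctl, so a server can compute the queue length it will really get rather than assume 2000. The function names and the loopback test listener are assumptions made for illustration.

```c
/* Added example, not zmailer code; function names are hypothetical. */
#include <stdio.h>
#include <unistd.h>
#include <netinet/in.h>
#include <sys/socket.h>

/* Kernel accept-queue cap: Linux sysctl if readable, else SOMAXCONN. */
int system_backlog_limit(void)
{
    int v, limit = SOMAXCONN;
    FILE *f = fopen("/proc/sys/net/core/somaxconn", "r");
    if (f) {
        if (fscanf(f, "%d", &v) == 1 && v > 0) limit = v;
        fclose(f);
    }
    return limit;
}

/* Value to hand to listen(): at least 1, at most the system cap. */
int clamp_backlog(int requested, int sys_limit)
{
    if (requested < 1) return 1;
    return requested > sys_limit ? sys_limit : requested;
}

/* Loopback listener on an ephemeral port; *effective = backlog used. */
int open_listener(int requested, int *effective)
{
    struct sockaddr_in sa = {0};
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    sa.sin_family = AF_INET;
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    *effective = clamp_backlog(requested, system_backlog_limit());
    if (bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0 ||
        listen(fd, *effective) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

int main(void)
{
    int eff, fd = open_listener(2000, &eff);
    if (fd < 0) { perror("open_listener"); return 1; }
    printf("requested 2000, kernel cap %d, using %d\n", system_backlog_limit(), eff);
    return close(fd);
}
```

Logging the effective value at startup makes it visible when the SYN-flood headroom a server asked for is not what the kernel granted.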