linux

History

Willy Tarreau 6d01a026b7 tcp: fix tcp_defer_accept to consider the timeout I was trying to use TCP_DEFER_ACCEPT and noticed that if the client does not talk, the connection is never accepted and remains in SYN_RECV state until the retransmits expire, where it finally is deleted. This is bad when some firewall such as netfilter sits between the client and the server because the firewall sees the connection in ESTABLISHED state while the server will finally silently drop it without sending an RST. This behaviour contradicts the man page which says it should wait only for some time : TCP_DEFER_ACCEPT (since Linux 2.4) Allows a listener to be awakened only when data arrives on the socket. Takes an integer value (seconds), this can bound the maximum number of attempts TCP will make to complete the connection. This option should not be used in code intended to be portable. Also, looking at ipv4/tcp.c, a retransmit counter is correctly computed : case TCP_DEFER_ACCEPT: icsk->icsk_accept_queue.rskq_defer_accept = 0; if (val > 0) { /* Translate value in seconds to number of * retransmits */ while (icsk->icsk_accept_queue.rskq_defer_accept < 32 && val > ((TCP_TIMEOUT_INIT / HZ) << icsk->icsk_accept_queue.rskq_defer_accept)) icsk->icsk_accept_queue.rskq_defer_accept++; icsk->icsk_accept_queue.rskq_defer_accept++; } break; ==> rskq_defer_accept is used as a counter of retransmits. But in tcp_minisocks.c, this counter is only checked. And in fact, I have found no location which updates it. So I think that what was intended was to decrease it in tcp_minisocks whenever it is checked, which the trivial patch below does. Signed-off-by: Willy Tarreau <w@1wt.eu> Signed-off-by: David S. Miller <davem@davemloft.net>		2009-10-13 01:35:28 -07:00
..
netfilter	netfilter: nfnetlink: constify message attributes and headers	2009-08-25 16:07:58 +02:00
af_inet.c	net: Use sk_mark for routing lookup in more places	2009-10-01 15:16:49 -07:00
ah4.c	net: constify struct net_protocol	2009-09-14 17:03:01 -07:00
arp.c	net: make neigh_ops constant	2009-09-01 17:40:57 -07:00
cipso_ipv4.c	netlabel: Label incoming TCP connections correctly in SELinux	2009-03-28 15:01:36 +11:00
datagram.c	mib: add net to IP_INC_STATS_BH	2008-07-16 20:20:11 -07:00
devinet.c	ipv4: arp_notify address list bug	2009-10-07 03:18:17 -07:00
esp4.c	net: constify struct net_protocol	2009-09-14 17:03:01 -07:00
fib_frontend.c	ipv4: cleanup: remove unnecessary include.	2009-05-18 15:16:38 -07:00
fib_hash.c	ipv4: cleanup - remove two unused parameters from fib_semantic_match().	2009-05-18 15:16:37 -07:00
fib_lookup.h	ipv4: cleanup - remove two unused parameters from fib_semantic_match().	2009-05-18 15:16:37 -07:00
fib_rules.c	net: Remove unused parameter from fill method in fib_rules_ops.	2009-05-20 17:26:23 -07:00
fib_semantics.c	ipv4: cleanup - remove two unused parameters from fib_semantic_match().	2009-05-18 15:16:37 -07:00
fib_trie.c	fib_trie: resize rework	2009-08-28 23:57:15 -07:00
icmp.c	net: constify struct net_protocol	2009-09-14 17:03:01 -07:00
igmp.c	bonding: remap muticast addresses without using dev_close() and dev_open()	2009-09-15 02:37:40 -07:00
inet_connection_sock.c	net: Make setsockopt() optlen be unsigned.	2009-09-30 16:12:20 -07:00
inet_diag.c	net: correct off-by-one write allocations reports	2009-06-18 00:29:12 -07:00
inet_fragment.c	inet fragments: fix sparse warning: context imbalance	2009-02-26 23:13:35 -08:00
inet_hashtables.c	net: move bsockets outside of read only beginning of struct inet_hashinfo	2009-02-01 12:31:33 -08:00
inet_lro.c	include/net net/ - csum_partial - remove unnecessary casts	2008-11-19 15:44:53 -08:00
inet_timewait_sock.c	tcp: fix premature termination of FIN_WAIT2 time-wait sockets	2009-08-29 00:00:35 -07:00
inetpeer.c	net: clean up net/ipv4/ah4.c esp4.c fib_semantics.c inet_connection_sock.c inetpeer.c ip_output.c	2008-11-03 00:23:42 -08:00
ip_forward.c	net: skb->dst accessors	2009-06-03 02:51:04 -07:00
ip_fragment.c	ipv4: Use frag list abstraction interfaces.	2009-06-09 00:19:37 -07:00
ip_gre.c	tunnel: eliminate recursion field	2009-09-24 15:39:22 -07:00
ip_input.c	net: constify struct net_protocol	2009-09-14 17:03:01 -07:00
ip_options.c	net: skb->dst accessors	2009-06-03 02:51:04 -07:00
ip_output.c	net: Use sk_mark for routing lookup in more places	2009-10-01 15:16:49 -07:00
ip_sockglue.c	net: Make setsockopt() optlen be unsigned.	2009-09-30 16:12:20 -07:00
ipcomp.c	net: constify struct net_protocol	2009-09-14 17:03:01 -07:00
ipconfig.c	ipv4: teach ipconfig about the MTU option in DHCP	2009-05-19 15:36:17 -07:00
ipip.c	tunnel: eliminate recursion field	2009-09-24 15:39:22 -07:00
ipmr.c	net: Make setsockopt() optlen be unsigned.	2009-09-30 16:12:20 -07:00
Kconfig	ipv4: update ARPD help text	2009-06-13 23:36:32 -07:00
Makefile	IPVS: Move IPVS to net/netfilter/ipvs	2008-10-07 08:38:24 +11:00
netfilter.c	net: skb->dst accessors	2009-06-03 02:51:04 -07:00
proc.c	snmp: add missing counters for RFC 4293	2009-04-27 02:45:02 -07:00
protocol.c	net: constify struct net_protocol	2009-09-14 17:03:01 -07:00
raw.c	net: Make setsockopt() optlen be unsigned.	2009-09-30 16:12:20 -07:00
route.c	sysctl: remove "struct file *" argument of ->proc_handler	2009-09-24 07:21:04 -07:00
syncookies.c	percpu: clean up percpu variable definitions	2009-06-24 15:13:48 +09:00
sysctl_net_ipv4.c	sysctl: remove "struct file *" argument of ->proc_handler	2009-09-24 07:21:04 -07:00
tcp_bic.c	tcp: add helper for AI algorithm	2009-03-02 03:00:15 -08:00
tcp_cong.c	Networking: use CAP_NET_ADMIN when deciding to call request_module	2009-08-14 11:18:34 +10:00
tcp_cubic.c	tcp: add helper for AI algorithm	2009-03-02 03:00:15 -08:00
tcp_diag.c	net: inet_diag_handler structs can be const	2008-11-19 15:43:27 -08:00
tcp_highspeed.c
tcp_htcp.c	htcp: merge icsk_ca_state compare	2009-03-02 03:00:14 -08:00
tcp_hybla.c	tcp: Fix tcp_hybla zero congestion window growth with small rho and large cwnd.	2008-10-07 15:58:17 -07:00
tcp_illinois.c
tcp_input.c	tcp: fix ssthresh u16 leftover	2009-09-15 01:30:10 -07:00
tcp_ipv4.c	tcp: fix ssthresh u16 leftover	2009-09-15 01:30:10 -07:00
tcp_lp.c
tcp_minisocks.c	tcp: fix tcp_defer_accept to consider the timeout	2009-10-13 01:35:28 -07:00
tcp_output.c	IPv4 TCP fails to send window scale option when window scale is zero	2009-10-01 15:14:51 -07:00
tcp_probe.c	tcp: '< 0' test on unsigned	2009-03-13 16:05:14 -07:00
tcp_scalable.c	tcp: add helper for AI algorithm	2009-03-02 03:00:15 -08:00
tcp_timer.c	Revert Backoff [v3]: Calculate TCP's connection close threshold as a time value.	2009-09-01 02:45:47 -07:00
tcp_vegas.c	tcp: tcp_vegas ssthresh bugfix	2009-05-25 22:44:59 -07:00
tcp_vegas.h
tcp_veno.c	tcp: add helper for AI algorithm	2009-03-02 03:00:15 -08:00
tcp_westwood.c
tcp_yeah.c	tcp: add helper for AI algorithm	2009-03-02 03:00:15 -08:00
tcp.c	net: splice() from tcp to pipe should take into account O_NONBLOCK	2009-10-02 09:46:05 -07:00
tunnel4.c	net: constify struct net_protocol	2009-09-14 17:03:01 -07:00
udp_impl.h	net: Make setsockopt() optlen be unsigned.	2009-09-30 16:12:20 -07:00
udp.c	net: Use sk_mark for routing lookup in more places	2009-10-01 15:16:49 -07:00
udplite.c	net: constify struct net_protocol	2009-09-14 17:03:01 -07:00
xfrm4_input.c	net: skb->dst accessors	2009-06-03 02:51:04 -07:00
xfrm4_mode_beet.c	ipsec: Interfamily IPSec BEET	2008-08-06 02:39:30 -07:00
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c	net: skb->dst accessors	2009-06-03 02:51:04 -07:00
xfrm4_output.c	net: skb->dst accessors	2009-06-03 02:51:04 -07:00
xfrm4_policy.c	xfrm4: fix build when SYSCTLs are disabled	2009-08-04 20:18:33 -07:00
xfrm4_state.c	xfrm: remove useless forward declarations	2008-11-25 01:05:54 -08:00
xfrm4_tunnel.c	[IPCOMP]: Fix reception of incompressible packets	2008-01-31 19:27:24 -08:00