• Dan McGee's avatar
    Set socket TCP keepalive option on incoming connections · 27946a98
    Dan McGee authored
    If a connected host disappears without our knowledge, as can happen over
    wireless or a hibernating machine, we continue to hold the port open waiting
    for messages. Because we never try to send anything down this now-broken
    pipe, the connection will sit idle taking up a slot in our allowed incoming
    connections list.
    
    If enough of these happen, an unintended Denial of Service takes place,
    where all connection slots are filled with now-broken, never ending
    connections. Setting the TCP keepalive option at least allows these to time
    out after the default two hours, which is sufficient in the non-malicious
    case.
    Signed-off-by: 's avatarDan McGee <dan@archlinux.org>
    27946a98
Name
Last commit
Last update
doc Loading commit data...
m4 Loading commit data...
scripts Loading commit data...
src Loading commit data...
test Loading commit data...
.gitignore Loading commit data...
AUTHORS Loading commit data...
COPYING Loading commit data...
INSTALL Loading commit data...
Makefile.am Loading commit data...
NEWS Loading commit data...
README Loading commit data...
UPGRADING Loading commit data...
autogen.sh Loading commit data...
configure.ac Loading commit data...
valgrind.suppressions Loading commit data...