Received: (from majordom@localhost) by hyperreal.com (8.8.5/8.8.5) id QAA23712; Sat, 28 Jun 1997 16:58:03 -0700 (PDT) Received: (from marc@localhost) by hyperreal.com (8.8.5/8.8.5) id QAA23695 for apache-cvs; Sat, 28 Jun 1997 16:58:00 -0700 (PDT) Date: Sat, 28 Jun 1997 16:58:00 -0700 (PDT) From: Marc Slemko Message-Id: <199706282358.QAA23695@hyperreal.com> To: apache-cvs@hyperreal.com Subject: cvs commit: apache/src http_conf_globals.h http_config.c http_core.c http_main.c httpd.h Sender: apache-cvs-owner@apache.org Precedence: bulk Reply-To: new-httpd@apache.org marc 97/06/28 16:57:59 Modified: htdocs/manual/mod core.html directives.html src http_conf_globals.h http_config.c http_core.c http_main.c httpd.h Log: Add ListenBacklog directive to control the backlog passed to listen(). Also change the default to 511 for platforms that use an 8-bit datatype to store it. A slightly different implementation than suggested by Taso Devetzis , who submitted the PR. PR: 240 Reviewed by: Dean Gaudet, Jim Jagielski Revision Changes Path 1.59 +14 -0 apache/htdocs/manual/mod/core.html Index: core.html =================================================================== RCS file: /export/home/cvs/apache/htdocs/manual/mod/core.html,v retrieving revision 1.58 retrieving revision 1.59 diff -C3 -r1.58 -r1.59 *** core.html 1997/06/22 23:58:38 1.58 --- core.html 1997/06/28 23:57:53 1.59 *************** *** 43,48 **** --- 43,49 ----
  • KeepAliveTimeout
  • <Limit>
  • Listen +
  • ListenBacklog
  • <Location>
  • MaxClients
  • MaxKeepAliveRequests *************** *** 657,662 **** --- 658,676 ---- See Also: Known Bugs

    + + ListenBacklog + Syntax: ListenBacklog backlog
    + Default: ListenBacklog 511
    + Context: server config
    + Status: Core
    + Compatibility: ListenBacklog is only available in Apache + versions after 1.2.0.

    + + The maximum length of the queue of pending connections. Generally no + tuning is needed or desired, however on some systems it is desirable + to increase this when under a TCP SYN flood attack. See + the backlog parameter to the listen(2) system call.

    <Limit> directive

    1.21 +1 -0 apache/htdocs/manual/mod/directives.html Index: directives.html =================================================================== RCS file: /export/home/cvs/apache/htdocs/manual/mod/directives.html,v retrieving revision 1.20 retrieving revision 1.21 diff -C3 -r1.20 -r1.21 *** directives.html 1997/06/04 16:14:14 1.20 --- directives.html 1997/06/28 23:57:54 1.21 *************** *** 103,108 **** --- 103,109 ----
  • LanguagePriority
  • <Limit>
  • Listen +
  • ListenBacklog
  • LoadFile
  • LoadModule
  • <Location> 1.12 +1 -0 apache/src/http_conf_globals.h Index: http_conf_globals.h =================================================================== RCS file: /export/home/cvs/apache/src/http_conf_globals.h,v retrieving revision 1.11 retrieving revision 1.12 diff -C3 -r1.11 -r1.12 *** http_conf_globals.h 1997/06/28 23:05:13 1.11 --- http_conf_globals.h 1997/06/28 23:57:55 1.12 *************** *** 71,76 **** --- 71,77 ---- extern int daemons_max_free; extern int daemons_limit; extern int suexec_enabled; + extern int listenbacklog; extern char *pid_fname; extern char *scoreboard_fname; 1.53 +1 -0 apache/src/http_config.c Index: http_config.c =================================================================== RCS file: /export/home/cvs/apache/src/http_config.c,v retrieving revision 1.52 retrieving revision 1.53 diff -C3 -r1.52 -r1.53 *** http_config.c 1997/06/28 23:05:13 1.52 --- http_config.c 1997/06/28 23:57:55 1.53 *************** *** 1044,1049 **** --- 1044,1050 ---- max_requests_per_child = DEFAULT_MAX_REQUESTS_PER_CHILD; bind_address.s_addr = htonl(INADDR_ANY); listeners = NULL; + listenbacklog = DEFAULT_LISTENBACKLOG; } server_rec *init_server_config(pool *p) 1.87 +12 -0 apache/src/http_core.c Index: http_core.c =================================================================== RCS file: /export/home/cvs/apache/src/http_core.c,v retrieving revision 1.86 retrieving revision 1.87 diff -C3 -r1.86 -r1.87 *** http_core.c 1997/06/28 23:05:13 1.86 --- http_core.c 1997/06/28 23:57:55 1.87 *************** *** 1175,1180 **** --- 1175,1191 ---- return NULL; } + const char *set_listenbacklog (cmd_parms *cmd, void *dummy, char *arg) { + int b; + + if (cmd->server->is_virtual) + return "ListenBacklog not allowed in "; + b = atoi (arg); + if (b < 1) return "ListenBacklog must be > 0"; + listenbacklog = b; + return NULL; + } + /* Note --- ErrorDocument will now work from .htaccess files. * The AllowOverride of Fileinfo allows webmasters to turn it off */ *************** *** 1292,1297 **** --- 1303,1309 ---- { "ClearModuleList", clear_module_list_command, NULL, RSRC_CONF, NO_ARGS, NULL }, { "ThreadsPerChild", set_threads, NULL, RSRC_CONF, TAKE1, "Number of threads a child creates" }, { "ExcessRequestsPerChild", set_excess_requests, NULL, RSRC_CONF, TAKE1, "Maximum number of requests a particular child serves after it is ready to die." }, + { "ListenBacklog", set_listenbacklog, NULL, RSRC_CONF, TAKE1, "maximum length of the queue of pending connections, as used by listen(2)" }, { NULL }, }; 1.165 +2 -1 apache/src/http_main.c Index: http_main.c =================================================================== RCS file: /export/home/cvs/apache/src/http_main.c,v retrieving revision 1.164 retrieving revision 1.165 diff -C3 -r1.164 -r1.165 *** http_main.c 1997/06/28 23:05:14 1.164 --- http_main.c 1997/06/28 23:57:56 1.165 *************** *** 164,169 **** --- 164,170 ---- int daemons_limit; time_t restart_time; int suexec_enabled = 0; + int listenbacklog; char server_root[MAX_STRING_LEN]; char server_confname[MAX_STRING_LEN]; *************** *** 1882,1888 **** #ifdef MPE if (ntohs(server->sin_port) < 1024) GETUSERMODE(); #endif ! listen(s, 512); return s; } --- 1883,1889 ---- #ifdef MPE if (ntohs(server->sin_port) < 1024) GETUSERMODE(); #endif ! listen(s, listenbacklog); return s; } 1.118 +11 -0 apache/src/httpd.h Index: httpd.h =================================================================== RCS file: /export/home/cvs/apache/src/httpd.h,v retrieving revision 1.117 retrieving revision 1.118 diff -C3 -r1.117 -r1.118 *** httpd.h 1997/06/28 23:05:15 1.117 --- httpd.h 1997/06/28 23:57:57 1.118 *************** *** 241,246 **** --- 241,257 ---- #define DEFAULT_THREADS_PER_CHILD 50 #define DEFAULT_EXCESS_REQUESTS_PER_CHILD 0 + /* The maximum length of the queue of pending connections, as defined + * by listen(2). Under some systems, it should be increased if you + * are experiencing a heavy TCP SYN flood attack. + * + * It defaults to 511 instead of 512 because some systems store it + * as an 8-bit datatype; 512 truncated to 8-bits is 0, while 511 is + * 255 when truncated. + */ + + #define DEFAULT_LISTENBACKLOG 511 + /* If you have altered Apache and wish to change the SERVER_VERSION * identifier below, please keep to the HTTP specification. This states that * the identification string should consist of product tokens with an optional