Received: (from majordom@localhost)
by hyperreal.com (8.8.5/8.8.5) id QAA23712;
Sat, 28 Jun 1997 16:58:03 -0700 (PDT)
Received: (from marc@localhost)
by hyperreal.com (8.8.5/8.8.5) id QAA23695
for apache-cvs; Sat, 28 Jun 1997 16:58:00 -0700 (PDT)
Date: Sat, 28 Jun 1997 16:58:00 -0700 (PDT)
From: Marc Slemko
Message-Id: <199706282358.QAA23695@hyperreal.com>
To: apache-cvs@hyperreal.com
Subject: cvs commit: apache/src http_conf_globals.h http_config.c http_core.c
http_main.c httpd.h
Sender: apache-cvs-owner@apache.org
Precedence: bulk
Reply-To: new-httpd@apache.org
marc 97/06/28 16:57:59
Modified: htdocs/manual/mod core.html directives.html
src http_conf_globals.h http_config.c http_core.c
http_main.c httpd.h
Log:
Add ListenBacklog directive to control the backlog passed to listen().
Also change the default to 511 for platforms that use an 8-bit datatype
to store it.
A slightly different implementation than suggested by Taso Devetzis
, who submitted the PR.
PR: 240
Reviewed by: Dean Gaudet, Jim Jagielski
Revision Changes Path
1.59 +14 -0 apache/htdocs/manual/mod/core.html
Index: core.html
===================================================================
RCS file: /export/home/cvs/apache/htdocs/manual/mod/core.html,v
retrieving revision 1.58
retrieving revision 1.59
diff -C3 -r1.58 -r1.59
*** core.html 1997/06/22 23:58:38 1.58
--- core.html 1997/06/28 23:57:53 1.59
***************
*** 43,48 ****
--- 43,49 ----
KeepAliveTimeout
<Limit>
Listen
+ ListenBacklog
<Location>
MaxClients
MaxKeepAliveRequests
***************
*** 657,662 ****
--- 658,676 ----
See Also:
Known Bugs
+
+ ListenBacklog
+ Syntax: ListenBacklog backlog
+ Default: ListenBacklog 511
+ Context: server config
+ Status: Core
+ Compatibility: ListenBacklog is only available in Apache
+ versions after 1.2.0.
+
+ The maximum length of the queue of pending connections. Generally no
+ tuning is needed or desired, however on some systems it is desirable
+ to increase this when under a TCP SYN flood attack. See
+ the backlog parameter to the listen(2)
system call.
<Limit> directive
1.21 +1 -0 apache/htdocs/manual/mod/directives.html
Index: directives.html
===================================================================
RCS file: /export/home/cvs/apache/htdocs/manual/mod/directives.html,v
retrieving revision 1.20
retrieving revision 1.21
diff -C3 -r1.20 -r1.21
*** directives.html 1997/06/04 16:14:14 1.20
--- directives.html 1997/06/28 23:57:54 1.21
***************
*** 103,108 ****
--- 103,109 ----
LanguagePriority
<Limit>
Listen
+ ListenBacklog
LoadFile
LoadModule
<Location>
1.12 +1 -0 apache/src/http_conf_globals.h
Index: http_conf_globals.h
===================================================================
RCS file: /export/home/cvs/apache/src/http_conf_globals.h,v
retrieving revision 1.11
retrieving revision 1.12
diff -C3 -r1.11 -r1.12
*** http_conf_globals.h 1997/06/28 23:05:13 1.11
--- http_conf_globals.h 1997/06/28 23:57:55 1.12
***************
*** 71,76 ****
--- 71,77 ----
extern int daemons_max_free;
extern int daemons_limit;
extern int suexec_enabled;
+ extern int listenbacklog;
extern char *pid_fname;
extern char *scoreboard_fname;
1.53 +1 -0 apache/src/http_config.c
Index: http_config.c
===================================================================
RCS file: /export/home/cvs/apache/src/http_config.c,v
retrieving revision 1.52
retrieving revision 1.53
diff -C3 -r1.52 -r1.53
*** http_config.c 1997/06/28 23:05:13 1.52
--- http_config.c 1997/06/28 23:57:55 1.53
***************
*** 1044,1049 ****
--- 1044,1050 ----
max_requests_per_child = DEFAULT_MAX_REQUESTS_PER_CHILD;
bind_address.s_addr = htonl(INADDR_ANY);
listeners = NULL;
+ listenbacklog = DEFAULT_LISTENBACKLOG;
}
server_rec *init_server_config(pool *p)
1.87 +12 -0 apache/src/http_core.c
Index: http_core.c
===================================================================
RCS file: /export/home/cvs/apache/src/http_core.c,v
retrieving revision 1.86
retrieving revision 1.87
diff -C3 -r1.86 -r1.87
*** http_core.c 1997/06/28 23:05:13 1.86
--- http_core.c 1997/06/28 23:57:55 1.87
***************
*** 1175,1180 ****
--- 1175,1191 ----
return NULL;
}
+ const char *set_listenbacklog (cmd_parms *cmd, void *dummy, char *arg) {
+ int b;
+
+ if (cmd->server->is_virtual)
+ return "ListenBacklog not allowed in ";
+ b = atoi (arg);
+ if (b < 1) return "ListenBacklog must be > 0";
+ listenbacklog = b;
+ return NULL;
+ }
+
/* Note --- ErrorDocument will now work from .htaccess files.
* The AllowOverride of Fileinfo allows webmasters to turn it off
*/
***************
*** 1292,1297 ****
--- 1303,1309 ----
{ "ClearModuleList", clear_module_list_command, NULL, RSRC_CONF, NO_ARGS, NULL },
{ "ThreadsPerChild", set_threads, NULL, RSRC_CONF, TAKE1, "Number of threads a child creates" },
{ "ExcessRequestsPerChild", set_excess_requests, NULL, RSRC_CONF, TAKE1, "Maximum number of requests a particular child serves after it is ready to die." },
+ { "ListenBacklog", set_listenbacklog, NULL, RSRC_CONF, TAKE1, "maximum length of the queue of pending connections, as used by listen(2)" },
{ NULL },
};
1.165 +2 -1 apache/src/http_main.c
Index: http_main.c
===================================================================
RCS file: /export/home/cvs/apache/src/http_main.c,v
retrieving revision 1.164
retrieving revision 1.165
diff -C3 -r1.164 -r1.165
*** http_main.c 1997/06/28 23:05:14 1.164
--- http_main.c 1997/06/28 23:57:56 1.165
***************
*** 164,169 ****
--- 164,170 ----
int daemons_limit;
time_t restart_time;
int suexec_enabled = 0;
+ int listenbacklog;
char server_root[MAX_STRING_LEN];
char server_confname[MAX_STRING_LEN];
***************
*** 1882,1888 ****
#ifdef MPE
if (ntohs(server->sin_port) < 1024) GETUSERMODE();
#endif
! listen(s, 512);
return s;
}
--- 1883,1889 ----
#ifdef MPE
if (ntohs(server->sin_port) < 1024) GETUSERMODE();
#endif
! listen(s, listenbacklog);
return s;
}
1.118 +11 -0 apache/src/httpd.h
Index: httpd.h
===================================================================
RCS file: /export/home/cvs/apache/src/httpd.h,v
retrieving revision 1.117
retrieving revision 1.118
diff -C3 -r1.117 -r1.118
*** httpd.h 1997/06/28 23:05:15 1.117
--- httpd.h 1997/06/28 23:57:57 1.118
***************
*** 241,246 ****
--- 241,257 ----
#define DEFAULT_THREADS_PER_CHILD 50
#define DEFAULT_EXCESS_REQUESTS_PER_CHILD 0
+ /* The maximum length of the queue of pending connections, as defined
+ * by listen(2). Under some systems, it should be increased if you
+ * are experiencing a heavy TCP SYN flood attack.
+ *
+ * It defaults to 511 instead of 512 because some systems store it
+ * as an 8-bit datatype; 512 truncated to 8-bits is 0, while 511 is
+ * 255 when truncated.
+ */
+
+ #define DEFAULT_LISTENBACKLOG 511
+
/* If you have altered Apache and wish to change the SERVER_VERSION
* identifier below, please keep to the HTTP specification. This states that
* the identification string should consist of product tokens with an optional