lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4609A42A.4040304@mvista.com>
Date:	Tue, 27 Mar 2007 16:09:30 -0700
From:	Mark Huth <mhuth@...sta.com>
To:	David Miller <davem@...emloft.net>
Cc:	dagriego@...il.com, davem@...emloft.ne, netdev@...r.kernel.org
Subject: Re: [PATCH] NET: Add TCP connection abort IOCTL



David Miller wrote:
> From: dagriego@...il.com (David Griego)
> Date: Tue, 27 Mar 2007 14:47:54 -0700
>
>   
>> Adds an IOCTL for aborting established TCP connections, and is
>> designed to be an HA performance improvement for cleaning up, failure 
>> notification, and application termination.
>>
>> Signed-off-by:  David Griego <dagriego@...il.com>
>>     
>
> SO_LINGER with a zero linger time plus close() isn't working
> properly?
>
> There is no reason for this ioctl at all.  Either existing
> facilities provide what you need or what you want is a
> protocol violation we can't do.
>   
Actually, there are legitimate uses for this sort of API.  The patch 
allows an administrator to kill specific connections that are in use by 
other applications, where the close is not available, since the socket 
is owned by another process.  Say one of your large applications has 
hundreds or even thousands of open connections and you have determined 
that a particular connection is causing trouble.  This API allows the 
admin to kill that particular connection, and doesn't appear to violate 
any RFC offhand, since an abort is sent  to the peer.

One may argue that the applications should be modified, but that is not 
always possible in the case of various ISVs.  As Linux gains market 
share in the large server market, more and more applications are being 
ported from other platforms that have this sort of 
management/administrative interfaces.

Mark Huth
> -
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>
>   
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ