Hi Heikki, On 2016-06-10 09:39, Heikki Vatiainen wrote: > On 8.6.2016 11.28, Hartmaier Alexander wrote: > >>> Hmm, do you get these often? Also, does your configuration have FarmSize >>> enabled? This error occurs very early after the new connection has been >>> accepted. The code tries to figure out the address and port of the >>> client, but getpeername call fails. >> Yes, all the time. No FarmSize so far. So these are reverse dns lookups? >> Can we disable them? > These do not involve DNS. It's simply a socket function call that > returns information about the socket. > > I tried reproducting this and noticed that a successful and normal TCP > three-way handshake followed by RST causes this on Linux. On OS X the > error is 'Invalid argument'. > > Do you have a monitoring program scanning for or monitoring TCP listen > ports on your network? These scanners may be using the above method with > their checks (normal open + RST to close). No, that's from regular TACACS+ connection, I suspect NX-OS switches. > > I also noticed that we can get the peer IP and port from accept directly > instead of calling getpeername(). What is done now is to check accept > return value for success and call getpeername() immediately after that. I haven't seen that change in the patches, is it already in there so I can try it out? > > Thanks, > Heikki > Thanks, Alex
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien Handelsgericht Wien, FN 79340b *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* Notice: This e-mail contains information that is confidential and may be privileged. If you are not the intended recipient, please notify the sender and then delete this e-mail immediately. *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
