tcp: Change possible SYN flooding messages
"Possible SYN flooding on port xxxx " messages can fill logs on servers. Change logic to log the message only once per listener, and add two new SNMP counters to track : TCPReqQFullDoCookies : number of times a SYNCOOKIE was replied to client TCPReqQFullDrop : number of times a SYN request was dropped because syncookies were not enabled. Based on a prior patch from Tom Herbert, and suggestions from David. Signed-off-by:Eric Dumazet <eric.dumazet@gmail.com> CC: Tom Herbert <therbert@google.com> Signed-off-by:
David S. Miller <davem@davemloft.net>
Showing
- include/linux/snmp.h 2 additions, 0 deletionsinclude/linux/snmp.h
- include/net/request_sock.h 2 additions, 1 deletioninclude/net/request_sock.h
- include/net/tcp.h 3 additions, 0 deletionsinclude/net/tcp.h
- net/ipv4/proc.c 2 additions, 0 deletionsnet/ipv4/proc.c
- net/ipv4/tcp_ipv4.c 28 additions, 21 deletionsnet/ipv4/tcp_ipv4.c
- net/ipv6/tcp_ipv6.c 3 additions, 28 deletionsnet/ipv6/tcp_ipv6.c
Loading
Please register or sign in to comment