kern/113639: -CURRENT logs too much TCP information
Ben Wilber
ben at desync.com
Wed Jun 13 03:10:05 UTC 2007
>Number: 113639
>Category: kern
>Synopsis: -CURRENT logs too much TCP information
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Wed Jun 13 03:10:03 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: Ben Wilber
>Release: FreeBSD 7.0-CURRENT amd64
>Organization:
>Environment:
System: FreeBSD yui 7.0-CURRENT FreeBSD 7.0-CURRENT #3: Fri Jun 8 01:01:22 UTC 2007 bw at yui:/usr/obj/usr/src/sys/IKARI amd64
>Description:
The recent logging changes in the TCP stack send too much information to syslog by default. On high-traffic machines or in denial of service situations, this logging saturates the disks and CPU.
>How-To-Repeat:
Install recent -CURRENT, tail syslog.
>Fix:
My crunch time solution was to add a net.inet.tcp.verbose sysctl.
--- sys/netinet/tcp_subr.c.old Sun May 27 17:02:54 2007
+++ sys/netinet/tcp_subr.c Mon Jun 11 14:57:44 2007
@@ -2064,6 +2064,11 @@
CTLTYPE_STRUCT|CTLFLAG_WR|CTLFLAG_SKIP, NULL,
0, sysctl_drop, "", "Drop TCP connection");
+static int tcp_verbose = 0;
+SYSCTL_INT(_net_inet_tcp, OID_AUTO, verbose, CTLFLAG_RW,
+ &tcp_verbose, 0,
+ "Send additional TCP information to syslog");
+
/*
* Generate a standardized TCP log line for use throughout the
* tcp subsystem. Memory allocation is done with M_NOWAIT to
@@ -2088,6 +2093,9 @@
ip6 = (struct ip6_hdr *)ip6hdr;
#endif /* INET6 */
ip = (struct ip *)ip4hdr;
+
+ if (!tcp_verbose)
+ return (NULL);
/*
* The log line looks like this:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list