kern/113639: -CURRENT logs too much TCP information

Ben Wilber ben at
Wed Jun 13 03:10:05 UTC 2007

>Number:         113639
>Category:       kern
>Synopsis:       -CURRENT logs too much TCP information
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jun 13 03:10:03 GMT 2007
>Originator:     Ben Wilber
>Release:        FreeBSD 7.0-CURRENT amd64
System: FreeBSD yui 7.0-CURRENT FreeBSD 7.0-CURRENT #3: Fri Jun 8 01:01:22 UTC 2007 bw at yui:/usr/obj/usr/src/sys/IKARI amd64

	The recent logging changes in the TCP stack send too much information to syslog by default.  On high-traffic machines or in denial of service situations, this logging saturates the disks and CPU.
	Install recent -CURRENT, tail syslog.
	My crunch time solution was to add a net.inet.tcp.verbose sysctl.

--- sys/netinet/tcp_subr.c.old	Sun May 27 17:02:54 2007
+++ sys/netinet/tcp_subr.c	Mon Jun 11 14:57:44 2007
@@ -2064,6 +2064,11 @@
     0, sysctl_drop, "", "Drop TCP connection");
+static int tcp_verbose = 0;
+SYSCTL_INT(_net_inet_tcp, OID_AUTO, verbose, CTLFLAG_RW,
+	&tcp_verbose, 0,
+	"Send additional TCP information to syslog");
  * Generate a standardized TCP log line for use throughout the
  * tcp subsystem.  Memory allocation is done with M_NOWAIT to
@@ -2088,6 +2093,9 @@
 	ip6 = (struct ip6_hdr *)ip6hdr;
 #endif /* INET6 */
 	ip = (struct ip *)ip4hdr;
+	if (!tcp_verbose)
+		return (NULL);
 	 * The log line looks like this:


More information about the freebsd-bugs mailing list