summaryrefslogtreecommitdiffstats
path: root/src/tcp.c
Commit message (Collapse)AuthorAgeFilesLines
* conntrackd: simplify TCP connection handling logicPablo Neira Ayuso2012-05-281-27/+2
| | | | | | | | | | Before this patch, we called accept() to likely return EAGAIN. This is not required as select() will tell us that we're ready to accept. Therefore, that early accept() invocation complicates the whole handling just to get the connection accepted a bit before. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* conntrackd: rate-limit the amount of connect() callsPablo Neira Ayuso2009-09-231-0/+14
| | | | | | | | This patch rate-limits the amount of connect() calls to avoid syn-floods when the other peer is not connected and we are generating updates. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* conntrackd: fix re-connect with multiple TCP channelsPablo Neira Ayuso2009-09-231-5/+5
| | | | | | | | This patch fixes a bug in the TCP support that breaks re-connections of the client side if several TCP channels are used in the configuration file. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* conntrackd: improve error handling in tcp_sendPablo Neira Ayuso2009-09-211-1/+4
| | | | | | | | | | | | With this patch, we increase the error stats if: * we failed to connect to the other peer. * some unexpected error made connect() fail. * sendto returned ECONNRESET or EPIPE. Moreover, we propagate the sendto() errors to upper layers under failure as Samuel Gauthier suggested. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* conntrackd: add support state-replication based on TCPPablo Neira Ayuso2009-08-231-0/+440
This patch adds support for TCP as protocol to replicate state-changes between two daemons. Note that this only makes sense with the notrack mode. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>