Poul-Henning Kamp writes:
> Mind you, this is only a problem because FreeBSD is too bloody
> stable:  I logged into a customer's server a few days ago, it had
> been up for over a year, and had accumulated tons of ftpds from

If this customer is using wu-ftpd, it's very possible that you saw
daemons blocked inside of accept() for PASV data connections.  We used
to see the same behavior here wrt. ftpds hanging around and it was
almost always the case that the socket was in the LISTEN state.

The code (ftpd.c:dataconn()) was changed to time out the data
connection establishment using select() before calling accept().  If
the client doesn't connect within 15 minutes, we log the event and the
daemon exits.  A diff against our code wouldn't be helpful, since
we've added our own ugly warts to it (but I'll do so if you want it).

If this is indeed the same problem you're seeing, tcp keepalives won't
help.  I haven't looked at the FreeBSD ftpd code to see if the accept
is timed out somehow to prevent this (possibly inadvertent) DOS attack.

-- 
Sudish Joseph                                          MindSpring Enterprises
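
The select()-before-accept() timeout described in the message above, as an added example; it is not the wu-ftpd, FreeBSD or MindSpring code. The names accept_with_timeout and demo are hypothetical, and the loopback listener is a constructed fixture standing in for a PASV data socket.

```c
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>
#include <netinet/in.h>
#include <sys/select.h>
#include <sys/socket.h>

/* Wait at most `secs` for a peer on listening socket lfd, then accept() it.
 * Returns the connected fd, or -1 with errno == ETIMEDOUT if nobody came. */
int accept_with_timeout(int lfd, int secs)
{
    /* Non-blocking, so accept() cannot hang if the peer resets the
     * connection between select() reporting it and accept() running. */
    fcntl(lfd, F_SETFL, fcntl(lfd, F_GETFL, 0) | O_NONBLOCK);
    for (;;) {
        struct timeval tv = { secs, 0 };  /* simplification: full wait restarts on retry */
        fd_set rfds;
        FD_ZERO(&rfds);
        FD_SET(lfd, &rfds);
        int n = select(lfd + 1, &rfds, NULL, NULL, &tv);
        if (n == 0) { errno = ETIMEDOUT; return -1; }  /* caller logs and exits */
        if (n < 0 && errno != EINTR) return -1;
        if (n > 0) {
            int fd = accept(lfd, NULL, NULL);
            if (fd >= 0 || (errno != EAGAIN && errno != EWOULDBLOCK)) return fd;
        }
    }
}

/* Constructed fixture: PASV-style listener on 127.0.0.1 (kernel-chosen port),
 * optionally with a connecting peer. 1 = accepted, 0 = timed out, -1 = error. */
int demo(int with_peer, int secs)
{
    struct sockaddr_in sa = { .sin_family = AF_INET };
    socklen_t len = sizeof(sa);
    int lfd = socket(AF_INET, SOCK_STREAM, 0), c = socket(AF_INET, SOCK_STREAM, 0);
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(lfd, (struct sockaddr *)&sa, len) < 0 || listen(lfd, 1) < 0 ||
        getsockname(lfd, (struct sockaddr *)&sa, &len) < 0 ||
        (with_peer && connect(c, (struct sockaddr *)&sa, len) < 0))
        return -1;
    int fd = accept_with_timeout(lfd, secs);
    int verdict = fd >= 0 ? 1 : (errno == ETIMEDOUT ? 0 : -1);
    if (fd >= 0) close(fd);
    close(c); close(lfd);
    return verdict;
}

int main(void) { return demo(0, 1) == 0 && demo(1, 1) == 1 ? 0 : 1; }
```

The demo uses a one-second wait; the message describes a 15-minute limit, after which the daemon logs the event and exits.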

