[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Nufw-devel] DOS mode, packet logging
From: |
Glen Ogilvie |
Subject: |
[Nufw-devel] DOS mode, packet logging |
Date: |
Tue, 23 Mar 2010 15:53:52 +1300 (NZDT) |
Hi,
I have noticed that on a couple of occasions problems with logging.
I've seen messages like:
nuauth[14187]: [7] No packet logging to avoid logger DOS
appear in nuauth log. After this message, logging to the database for
authenticated users
stops, and does not seem to start again until nuauth is restarted. This breaks
single sign on and traffic
accounting.
It looks to me like nuauth is supposed to switch back from DOS mode
when the g_thread_pool_unprocessed(nuauthdatas->user_loggers) <
nuauthconf->max_unassigned_messages
called in: act_on_loggers_processing, which is called from the main_cleanup
method in authsrv.c, which
appears to me to be called by nuauth_main_loop using a timer.
I am a little lost as to how the thread pool (nuauthdatas->user_loggers)
empties itself. Do the user_loggers thread have a timeout that will cause
them to be destroyed or retry if they failed to log correctly, say for example
that the DB was busy?
Any help around what I can do to:
1 - reduce the chance of packets not being logged
2 - get the system to come back out of DOS protection mode without a restart of
nuauth would be appreciated.
3 - if this is a bug, then a patch to fix it would be good.
The version I am looking at is: 2.2.21
Regards
--
Glen Ogilvie
Open Systems Specialists
Level 1, 162 Grafton Road
http://www.oss.co.nz/
Ph: +64 9 984 3000
Mobile: +64 21 684 146
GPG Key: ACED9C17
- [Nufw-devel] DOS mode, packet logging,
Glen Ogilvie <=