Re: Disonnecting a TCP listening socket

From: David Schwartz <davids@xxxxxxxxxxxxx>
Date: Fri, 19 Sep 2008 12:25:44 -0700 (PDT)

On Sep 19, 10:49 am, true...@xxxxxxxxx wrote:

Hi

If a server program wants to stop accepting client connections, it
just has to close() the listening socket. By doing this, it also
discards the connections that are established, but that accept()
hasn't returned yet.
My question therefore is : is it possible to tell the OS to stop
accepting incoming connection requests, and still getting the
connections that are already established and waiting in the queue ?

No. There's no easy way to do it. And it's very tricky to do it 100%
correctly in combination with things like syn cookies. It's tricky to
tell for sure whether an incoming SYN is for a new connection or one
that's already established (and your SYN/ACK dropped).

DS
.

Follow-Ups:
- Re: Disonnecting a TCP listening socket
  - From: true801

References:
- Disonnecting a TCP listening socket
  - From: true801

Prev by Date: Re: Possible attack?
Next by Date: Re: Disonnecting a TCP listening socket
Previous by thread: Re: Disonnecting a TCP listening socket
Next by thread: Re: Disonnecting a TCP listening socket
Index(es):
- Date
- Thread

Relevant Pages

Re: Disonnecting a TCP listening socket
... accepting incoming connection requests, and still getting the ... connections that are already established and waiting in the queue? ... And it's very tricky to do it 100% ... correctly in combination with things like syn cookies. ...
(comp.os.linux.networking)
Disonnecting a TCP listening socket
... If a server program wants to stop accepting client connections, ... just has to closethe listening socket. ... discards the connections that are established, ...
(comp.os.linux.networking)
Re: SSH on FreeBSD
... In FreeBSD there are two ways of enabling sshd: ... rc.conf and a bit tricky and secure via inetd.conf. ... with inetd you can force max connections per minute rate or max connections per ip. ...
(freebsd-questions)