Autor: Jeremy Harris Data: Para: exim-users Assunto: Re: [exim] av_scanner is broken suddenly?
On 04/01/2021 06:53, Victor Sudakov via Exim-users wrote: > Does anyone need the "-d+all" log?
No, I think we've made as much progress as we can with
the snippet and other info you provided. Thanks.
I managed to create a set with FreeBSD 12.2 which exhibits
the "SYN-only" symptom, and have added a bit of hardening
in the code (3eb0bcd7a1) to ensure that the connection
open times out reasonably quickly. That's obviously not a
real fix, and I'm fairly sure this needs to be addressed in
the FreeBSD kernel stack. It would help a *lot* if there was
documentation around TFO - for example, the TCP_FASTOPEN
sockopt being described in the tcp(7) manpage (Linux is just
as bad; neither TCP_FASTOPEN not MSG_FASTOPEN are described,
and the bug I opened was ignored for long enough for it to be
auto-closed).
I was hindered somewhat by another apparent bug, probably
related to the ipfw/dummynet delay mechanism I was using
to get userland processing interspersed with packets...
after some undefined time, the interface lost it's IP addresses
(so became unusable). A reboot seemed to be required.
Creating a standalone demo program would be pretty simple;
it's not hard code. Working out the combination of
conditions it the difficult bit (it took me ages to realise
that the kernel was negative-caching, hence not trying TFO/R
for a recently non-responding peer).
I've not been sufficiently enthusiastic to do that. If
anyone want to pick it up, please ask; I can point to the
its of Exim source to steal from.
Other lacking bits of TFO implementations:
- means for placing the first server data on the SYN,ACK
- observability, from userland, of what a particular connection
sequence actually achieved
--
Cheers,
Jeremy