BUG/MINOR: tcp: make silent-drop always force a TCP reset

The silent-drop action is supposed to close with a TCP reset that is either not sent or not too far. But since it's on the client-facing side, the socket's lingering is enabled by default and the RST only occurs if some pending unread data remain in the queue when closing. This causes some clean shutdowns to occur with retransmits, which is not good at all. Force linger_risk on the socket to flush all data and destroy the socket. No backport is needed, this was introduced in 1.6-dev6.
2025-04-11 03:31:36 +00:00 · 2015-09-29 18:11:32 +02:00 · 2015-09-29 18:11:32 +02:00 · f50ec0fdbc
commit f50ec0fdbc
parent 971f7b6bb4
1 changed files with 5 additions and 0 deletions
--- a/src/proto_tcp.c
+++ b/src/proto_tcp.c
@ -1445,6 +1445,11 @@ static enum act_return tcp_exec_action_silent_drop(struct act_rule *rule, struct
 	if (strm)
 		strm->si[0].flags |= SI_FL_NOLINGER;

+	/* We're on the client-facing side, we must force to disable lingering to
+	 * ensure we will use an RST exclusively and kill any pending data.
+	 */
+	fdtab[conn->t.sock.fd].linger_risk = 1;
+
 #ifdef TCP_REPAIR
 	if (setsockopt(conn->t.sock.fd, SOL_TCP, TCP_REPAIR, &one, sizeof(one)) == 0) {
 		/* socket will be quiet now */