From 646cc762cc9297510102fc094f3af8a5a9e296c7 Mon Sep 17 00:00:00 2001 From: Eric Wong Date: Sat, 3 Jul 2010 09:30:57 +0000 Subject: socket_helper: tunables for tcp_defer_accept/accept_filter Under Linux, this allows users to tune the time (in seconds) to defer connections before allowing them to be accepted. The behavior of TCP_DEFER_ACCEPT changed with Linux 2.6.32 and idle connections may still be accept()-ed after the specified value in seconds. A small value of '1' remains the default for Unicorn as Unicorn does not worry about slow clients. Higher values provide better DoS protection for Rainbows! but also increases kernel memory usage. Allowing "dataready" for FreeBSD accept filters will allow SSL sockets to be used in the future for HTTPS, too. --- test/unit/test_socket_helper.rb | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'test') diff --git a/test/unit/test_socket_helper.rb b/test/unit/test_socket_helper.rb index 36b2dc2..bbce359 100644 --- a/test/unit/test_socket_helper.rb +++ b/test/unit/test_socket_helper.rb @@ -146,4 +146,28 @@ class TestSocketHelper < Test::Unit::TestCase sock_name(@unix_server) end + def test_tcp_defer_accept_default + port = unused_port @test_addr + name = "#@test_addr:#{port}" + sock = bind_listen(name) + cur = sock.getsockopt(Socket::SOL_TCP, TCP_DEFER_ACCEPT).unpack('i')[0] + assert cur >= 1 + end if defined?(TCP_DEFER_ACCEPT) + + def test_tcp_defer_accept_disable + port = unused_port @test_addr + name = "#@test_addr:#{port}" + sock = bind_listen(name, :tcp_defer_accept => false) + cur = sock.getsockopt(Socket::SOL_TCP, TCP_DEFER_ACCEPT).unpack('i')[0] + assert_equal 0, cur + end if defined?(TCP_DEFER_ACCEPT) + + def test_tcp_defer_accept_nr + port = unused_port @test_addr + name = "#@test_addr:#{port}" + sock = bind_listen(name, :tcp_defer_accept => 60) + cur = sock.getsockopt(Socket::SOL_TCP, TCP_DEFER_ACCEPT).unpack('i')[0] + assert cur > 1 + end if defined?(TCP_DEFER_ACCEPT) + end -- cgit v1.2.3-24-ge0c7