[RADIATOR] ServerTACACSPLUS logging improvements

Hartmaier Alexander alexander.hartmaier at t-systems.at
Mon Jun 13 02:27:40 CDT 2016


Hi Heikki,

On 2016-06-10 09:39, Heikki Vatiainen wrote:
> On 8.6.2016 11.28, Hartmaier Alexander wrote:
>
>>> Hmm, do you get these often? Also, does your configuration have FarmSize
>>> enabled? This error occurs very early after the new connection has been
>>> accepted. The code tries to figure out the address and port of the
>>> client, but getpeername call fails.
>> Yes, all the time. No FarmSize so far. So these are reverse dns lookups?
>> Can we disable them?
> These do not involve DNS. It's simply a socket function call that
> returns information about the socket.
>
> I tried reproducting this and noticed that a successful and normal TCP
> three-way handshake followed by RST causes this on Linux. On OS X the
> error is 'Invalid argument'.
>
> Do you have a monitoring program scanning for or monitoring TCP listen
> ports on your network? These scanners may be using the above method with
> their checks (normal open + RST to close).
No, that's from regular TACACS+ connection, I suspect NX-OS switches.
>
> I also noticed that we can get the peer IP and port from accept directly
> instead of calling getpeername(). What is done now is to check accept
> return value for success and call getpeername() immediately after that.
I haven't seen that change in the patches, is it already in there so  I
can try it out?
>
> Thanks,
> Heikki
>
Thanks, Alex


*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien
Handelsgericht Wien, FN 79340b
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
Notice: This e-mail contains information that is confidential and may be privileged.
If you are not the intended recipient, please notify the sender and then
delete this e-mail immediately.
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*


More information about the radiator mailing list