16 Sep, 2011
1 commit
-
"Possible SYN flooding on port xxxx " messages can fill logs on servers.
Change logic to log the message only once per listener, and add two new
SNMP counters to track :TCPReqQFullDoCookies : number of times a SYNCOOKIE was replied to client
TCPReqQFullDrop : number of times a SYN request was dropped because
syncookies were not enabled.Based on a prior patch from Tom Herbert, and suggestions from David.
Signed-off-by: Eric Dumazet
CC: Tom Herbert
Signed-off-by: David S. Miller
09 Dec, 2010
1 commit
-
Rather than printing the message to the log, use a mib counter to keep
track of the count of occurences of time wait bucket overflow. Reduces
spam in logs.Signed-off-by: Tom Herbert
Signed-off-by: David S. Miller
03 Jun, 2010
1 commit
-
Christoph Lameter mentioned that packets could be dropped in input path
because of rp_filter settings, without any SNMP counter being
incremented. System administrator can have a hard time to track the
problem.This patch introduces a new counter, LINUX_MIB_IPRPFILTER, incremented
each time we drop a packet because Reverse Path Filter triggers.(We receive an IPv4 datagram on a given interface, and find the route to
send an answer would use another interface)netstat -s | grep IPReversePathFilter
IPReversePathFilter: 21714Reported-by: Christoph Lameter
Signed-off-by: Eric Dumazet
Signed-off-by: David S. Miller
04 Apr, 2010
1 commit
-
When ip_append() fails because of socket limit or memory shortage,
increment ICMP_MIB_OUTERRORS counter, so that "netstat -s" can report
these errors.LANG=C netstat -s | grep "ICMP messages failed"
0 ICMP messages failedFor IPV6, implement ICMP6_MIB_OUTERRORS counter as well.
# grep Icmp6OutErrors /proc/net/dev_snmp6/*
/proc/net/dev_snmp6/eth0:Icmp6OutErrors 0
/proc/net/dev_snmp6/lo:Icmp6OutErrors 0Signed-off-by: Eric Dumazet
Signed-off-by: David S. Miller
22 Mar, 2010
1 commit
-
Its currently hard to diagnose when ACK frames are dropped because an
application set TCP_DEFER_ACCEPT on its listening socket.See http://bugzilla.kernel.org/show_bug.cgi?id=15507
This patch adds a SNMP value, named TCPDeferAcceptDrop
netstat -s | grep TCPDeferAcceptDrop
TCPDeferAcceptDrop: 0This counter is incremented every time we drop a pure ACK frame received
by a socket in SYN_RECV state because its SYNACK retrans count is lower
than defer_accept value.Signed-off-by: Eric Dumazet
Signed-off-by: David S. Miller
09 Mar, 2010
1 commit
-
Commit 6b03a53a (tcp: use limited socket backlog) added the possibility
of dropping frames when backlog queue is full.Commit d218d111 (tcp: Generalized TTL Security Mechanism) added the
possibility of dropping frames when TTL is under a given limit.This patch adds new SNMP MIB entries, named TCPBacklogDrop and
TCPMinTTLDrop, published in /proc/net/netstat in TcpExt: linenetstat -s | egrep "TCPBacklogDrop|TCPMinTTLDrop"
TCPBacklogDrop: 0
TCPMinTTLDrop: 0Signed-off-by: Eric Dumazet
Signed-off-by: David S. Miller
19 Feb, 2010
1 commit
-
XFRMINHDRERROR counter is ambigous when validating forwarding
path. It makes it tricky to debug when you have both in and fwd
validation.Signed-off-by: Jamal Hadi Salim
Signed-off-by: David S. Miller
27 Apr, 2009
1 commit
-
The IP MIB (RFC 4293) defines stats for InOctets, OutOctets, InMcastOctets and
OutMcastOctets:
http://tools.ietf.org/html/rfc4293
But it seems we don't track those in any way that easy to separate from other
protocols. This patch adds those missing counters to the stats file. Tested
successfully by meWith help from Eric Dumazet.
Signed-off-by: Neil Horman
Signed-off-by: David S. Miller
25 Nov, 2008
1 commit
-
Signed-off-by: Ilpo Järvinen
Signed-off-by: David S. Miller
30 Jul, 2008
1 commit
-
From a report by Matti Aarnio, and preliminary patch by Adam Langley.
Signed-off-by: David S. Miller
01 Feb, 2008
1 commit
-
o Outbound sequence number overflow error status
is counted as XfrmOutStateSeqError.
o Additionaly, it changes inbound sequence number replay
error name from XfrmInSeqOutOfWindow to XfrmInStateSeqError
to apply name scheme above.
o Inbound IPv4 UDP encapsuling type mismatch error is wrongly
mapped to XfrmInStateInvalid then this patch fiex the error
to XfrmInStateMismatch.Signed-off-by: Masahide NAKAMURA
Signed-off-by: David S. Miller
29 Jan, 2008
1 commit
-
This statistics is shown factor dropped by transformation
at /proc/net/xfrm_stat for developer.
It is a counter designed from current transformation source code
and defined as linux private MIB.See Documentation/networking/xfrm_proc.txt for the detail.
Signed-off-by: Masahide NAKAMURA
Signed-off-by: David S. Miller
11 Oct, 2007
4 commits
-
Signed-off-by: Ilpo Järvinen
Signed-off-by: David S. Miller -
Background: RFC 4293 deprecates existing individual, named ICMP
type counters to be replaced with the ICMPMsgStatsTable. This table
includes entries for both IPv4 and IPv6, and requires counting of all
ICMP types, whether or not the machine implements the type.These patches "remove" (but not really) the existing counters, and
replace them with the ICMPMsgStats tables for v4 and v6.
It includes the named counters in the /proc places they were, but gets the
values for them from the new tables. It also counts packets generated
from raw socket output (e.g., OutEchoes, MLD queries, RA's from
radvd, etc).Changes:
1) create icmpmsg_statistics mib
2) create icmpv6msg_statistics mib
3) modify existing counters to use these
4) modify /proc/net/snmp to add "IcmpMsg" with all ICMP types
listed by number for easy SNMP parsing
5) modify /proc/net/snmp printing for "Icmp" to get the named data
from new counters.Signed-off-by: David L Stevens
Signed-off-by: David S. Miller -
Background: RFC 4293 deprecates existing individual, named ICMP
type counters to be replaced with the ICMPMsgStatsTable. This table
includes entries for both IPv4 and IPv6, and requires counting of all
ICMP types, whether or not the machine implements the type.These patches "remove" (but not really) the existing counters, and
replace them with the ICMPMsgStats tables for v4 and v6.
It includes the named counters in the /proc places they were, but gets the
values for them from the new tables. It also counts packets generated
from raw socket output (e.g., OutEchoes, MLD queries, RA's from
radvd, etc).Changes:
1) create icmpmsg_statistics mib
2) create icmpv6msg_statistics mib
3) modify existing counters to use these
4) modify /proc/net/snmp to add "IcmpMsg" with all ICMP types
listed by number for easy SNMP parsing
5) modify /proc/net/snmp printing for "Icmp" to get the named data
from new counters.
[new to 2nd revision]
6) support per-interface ICMP stats
7) use common macro for per-device stat macrosSigned-off-by: David L Stevens
Signed-off-by: David S. Miller -
In DSACK case, some events are not extraordinary, such as packet
duplication generated DSACK. They can arrive easily below
snd_una when undo_marker is not set (TCP being in CA_Open),
counting such DSACKs amoung SACK discards will likely just
mislead if they occur in some scenario when there are other
problems as well. Similarly, excessively delayed packets could
cause "normal" DSACKs. Therefore, separate counters are
allocated for DSACK events.Signed-off-by: Ilpo Järvinen
Signed-off-by: David S. Miller
30 Apr, 2007
1 commit
-
The updated IP-MIB RFC (RFC4293) specifys new objects, InBcastPkts
and OutBcastPkts. This adds definitions for them.Signed-off-by: Mitsuru Chinen
Signed-off-by: David S. Miller
23 Sep, 2006
2 commits
-
This patch adds more statistics info under /proc/net/sctp/snmp
that should be useful for debugging. The additional events that
are counted now include timer expirations, retransmits, packet
and data chunk discards.The Data chunk discards include all the cases where a data chunk
is discarded including high tsn, bad stream, dup tsn and the most
useful one(out of receive buffer/rwnd).Also moved the SCTP MIB data structures from the generic include
directories to include/sctp/sctp.h.Signed-off-by: Sridhar Samudrala
Signed-off-by: David S. Miller -
Signed-off-by: Martin Bligh
Signed-off-by: Andrew Morton
17 Apr, 2005
1 commit
-
Initial git repository build. I'm not bothering with the full history,
even though we have it. We can create a separate "historical" git
archive of that later if we want to, and in the meantime it's about
3.2GB when imported into git - space that would just make the early
git days unnecessarily complicated, when we don't have a lot of good
infrastructure for it.Let it rip!
