From mboxrd@z Thu Jan 1 00:00:00 1970 From: Willem de Bruijn Subject: [PATCH net-next] tcp: rate limit synflood warnings further Date: Sun, 9 Sep 2018 19:12:12 -0400 Message-ID: <20180909231212.212470-1-willemdebruijn.kernel@gmail.com> Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Cc: davem@davemloft.net, eric.dumazet@gmail.com, Willem de Bruijn To: netdev@vger.kernel.org Return-path: Received: from mail-ua1-f66.google.com ([209.85.222.66]:38051 "EHLO mail-ua1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725889AbeIJHPX (ORCPT ); Mon, 10 Sep 2018 03:15:23 -0400 Received: by mail-ua1-f66.google.com with SMTP id o11-v6so16126172uak.5 for ; Sun, 09 Sep 2018 19:23:44 -0700 (PDT) Sender: netdev-owner@vger.kernel.org List-ID: From: Willem de Bruijn Convert pr_info to net_info_ratelimited to limit the total number of synflood warnings. Commit 946cedccbd73 ("tcp: Change possible SYN flooding messages") rate limits synflood warnings to one per listener. Workloads that open many listener sockets can still see a high rate of log messages. Syzkaller is one frequent example. Signed-off-by: Willem de Bruijn --- net/ipv4/tcp_input.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index 62508a2f9b21..d9034073138c 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c @@ -6380,8 +6380,8 @@ static bool tcp_syn_flood_action(const struct sock *sk, if (!queue->synflood_warned && net->ipv4.sysctl_tcp_syncookies != 2 && xchg(&queue->synflood_warned, 1) == 0) - pr_info("%s: Possible SYN flooding on port %d. %s. Check SNMP counters.\n", - proto, ntohs(tcp_hdr(skb)->dest), msg); + net_info_ratelimited("%s: Possible SYN flooding on port %d. %s. Check SNMP counters.\n", + proto, ntohs(tcp_hdr(skb)->dest), msg); return want_cookie; } -- 2.19.0.rc2.392.g5ba43deb5a-goog