On Thu, Mar 09, 2006 at 02:49:55PM +0100, Olivier Beau wrote:
Hi Henrik,
Doing content checks on "large" web pages (13M) disturbs hobbitd;
in the log : "Data flooding from 10.33.254.87, closing connection"
causing a bunch of network checks to go purple..
This is really a safety/security thing to avoid hobbitd consuming all
of memory. Since hobbitd keeps everything in memory, it would be too
easy to launch a denial-of-service attack by just flooding it with data.
That url did 13M because of a big tomcat dump... and we (sysadmin) don't
controls the size of the webpages...
I hope your developers weren't forced to explain every bit of that dump :-)
Do you have a work arround for this ?
Try the attached patch for the network test tool. It limits the amount
of content data that is sent across to 1 MB, but the content check
itself is performed on the full amount of data.
Untested, but fairly simple so I would expect it to work.
Regards,
Henrik
-------------- next part --------------
--- bbnet/bbtest-net.h 2005/12/29 16:18:42 1.34
+++ bbnet/bbtest-net.h 2006/03/09 21:55:07
@@ -17,6 +17,8 @@
#define STATUS_CONTENTMATCH_FAILED 902
#define STATUS_CONTENTMATCH_BADREGEX 903
+#define MAX_CONTENT_DATA (1024*1024) /* 1 MB should be enough for most */
• /*
* Structure of the bbtest-net in-memory records
• --- bbnet/httpresult.c 2005/12/29 16:19:20 1.19
+++ bbnet/httpresult.c 2006/03/09 21:54:18
@@ -429,6 +429,12 @@
xfree(msgline);
if (req->output) {
+ /* Dont flood hobbitd with data */
+ if (req->outlen > MAX_CONTENT_DATA) {
+ *(req->output + MAX_CONTENT_DATA) = '\0';
+ req->outlen = MAX_CONTENT_DATA;
+ }
• if ( (req->contenttype && (strncasecmp(req->contenttype, "text/html", 9) == 0)) ||
(strncasecmp(req->output, "<html", 5) == 0) ) {
char *bodystart = NULL;