From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: X-Spam-Status: No, score=-4.0 required=3.0 tests=ALL_TRUSTED,BAYES_00 shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from localhost (dcvr.yhbt.net [127.0.0.1]) by dcvr.yhbt.net (Postfix) with ESMTP id 733EF1FA11 for ; Sun, 24 Oct 2021 00:20:46 +0000 (UTC) From: Eric Wong To: meta@public-inbox.org Subject: [PATCH 5/7] listener: emit warnings on EPERM Date: Sat, 23 Oct 2021 18:20:43 -0600 Message-Id: <20211024002045.17755-6-e@80x24.org> In-Reply-To: <20211024002045.17755-1-e@80x24.org> References: <20211024002045.17755-1-e@80x24.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit List-Id: In retrospect, warnings for EPERM on accept4(2) failure may help detect misconfigured firewalls, so start emitting warnings for EPERM. Fwiw, I've never known excessive EPERM warnings to be excessively noisy in other TCP services I've run over the years. --- lib/PublicInbox/Listener.pm | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/lib/PublicInbox/Listener.pm b/lib/PublicInbox/Listener.pm index 09f1f2e5..7cedc349 100644 --- a/lib/PublicInbox/Listener.pm +++ b/lib/PublicInbox/Listener.pm @@ -8,7 +8,7 @@ use parent 'PublicInbox::DS'; use Socket qw(SOL_SOCKET SO_KEEPALIVE IPPROTO_TCP TCP_NODELAY); use IO::Handle; use PublicInbox::Syscall qw(EPOLLIN EPOLLEXCLUSIVE); -use Errno qw(EAGAIN ECONNABORTED EPERM); +use Errno qw(EAGAIN ECONNABORTED); # Warn on transient errors, mostly resource limitations. # EINTR would indicate the failure to set NonBlocking in systemd or similar @@ -38,13 +38,9 @@ sub event_step { IO::Handle::blocking($c, 0); # no accept4 :< eval { $self->{post_accept}->($c, $addr, $sock) }; warn "E: $@\n" if $@; - } elsif ($! == EAGAIN || $! == ECONNABORTED || $! == EPERM) { + } elsif ($! == EAGAIN || $! == ECONNABORTED) { # EAGAIN is common and likely # ECONNABORTED is common with bad connections - # EPERM happens if firewall rules prevent a connection - # on Linux (and everything that emulates Linux). - # Firewall rules are sometimes intentional, so we don't - # warn on EPERM to avoid being too noisy... return; } elsif (my $sym = $ERR_WARN{int($!)}) { warn "W: accept(): $! ($sym)\n";