On 5/19/2016 9:52 PM, Timo Buhrmester wrote:
Therefore, shouldn't there be (or am I just not seeing it?) sort of a timeout that disposes of connections that have been sitting in the accept filter for longer than $timespan? Currently, we have to restart lighttpd every so many days to cope with the slow but steady "leakage" of connections...
if getsockopt(2) SO_KEEPALIVE is set for the peer socket then yes. tcp(4) provides more detail and timers can be configured via sysctl(8) net.inet.tcp.keep* .If I recall (system dependent default) the period before such a connection will be timed out is very long (hours).
I'd normally expect the application to implement more meaningful timeout mechanisms given what it is doing/waiting for. I'd definitely expect it to be tuned for ~seconds rather than hours.
rtr