2010年9月24日

Improve DDOS, TIME_WAIT and CLOSE_WAIT issue

net.ipv4.tcp_fin_timeout=30
net.ipv4.tcp_keepalive_time=120
net.ipv4.tcp_timestamps=0
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_tw_recycle=1
net.ipv4.tcp_keepalive_intvl=15
net.ipv4.tcp_keepalive_probes=5
net.ipv4.tcp_synack_retries=3
net.ipv4.tcp_syn_retries=3
net.ipv4.tcp_max_syn_backlog=2048
net.ipv4.ip_local_port_range=5000 65000

Query status:
netstat -nat|awk '{print awk $NF}'|sort|uniq -c|sort -n

2010年9月15日

awk: Illegal instruction

Issue:
#> awk '{print $5}'
Illegal instruction

Solution:
Enable Float-Point Emulation from Kernel menuconfig.
[*] NWFPE math emulation

2010年9月10日

warning: deprecated conversion from string constant to 'char*'

Issue:
warning: deprecated conversion from string constant to 'char*'
warning: deprecated conversion from string constant to 'char*'
warning: deprecated conversion from string constant to 'char*'

Solution:
Happens on compiling with gcc v4.3.3.
Change [char *] to [const char *].

2010年9月3日

configure: error: cannot determine linux version when cross-compiling

Issue:
checking whether to build optimizer debugging code... no
checking whether to build parser debugging code... no
checking Linux kernel version... unknown
configure: error: cannot determine linux version when cross-compiling

Solution:
Directly edit "configure" file, and add a new line:
linux)
ac_cv_linux_vers=2
echo "$as_me:$LINENO: checking Linux kernel version" >&5
echo $ECHO_N "checking Linux kernel version... $ECHO_C" >&6

This is a work-around, actually I don't like that.

sysctl.h:41: error: expected ':', ',', ';', '}' or '__attribute__' before '*' token

Issue:
In file included from ./include/sys/sysctl.h:44,
from libc/sysdeps/linux/arm/ioperm.c:46:
sysctl.h:41: error: expected ':', ',', ';', '}' or '__attribute__' before '*' token
make[4]: *** [libc/sysdeps/linux/arm/ioperm.os] Error 1

Solution:
Directly edit sysctl.h from
struct __sysctl_args {
int __user *name;
int nlen;
void __user *oldval;
size_t __user *oldlenp;
void __user *newval;
size_t newlen;
unsigned long __unused[4];
};
to
struct __sysctl_args {
int __attribute__((noderef, address_space(1))) *name;
int nlen;
void __attribute__((noderef, address_space(1))) *oldval;
size_t __attribute__((noderef, address_space(1))) *oldlenp;
void __attribute__((noderef, address_space(1))) *newval;
size_t newlen;
unsigned long __unused[4];
};

Failed in compiling busybox

Issue:
LINK busybox_unstripped
modutils/lib.a(insmod.o): In function `insmod_main':
insmod.c:(.text.insmod_main+0x390): undefined reference to `query_module'
insmod.c:(.text.insmod_main+0x3c4): undefined reference to `query_module'
insmod.c:(.text.insmod_main+0x474): undefined reference to `query_module'
insmod.c:(.text.insmod_main+0x4c4): undefined reference to `query_module'
insmod.c:(.text.insmod_main+0x598): undefined reference to `query_module'
insmod.c:(.text.insmod_main+0xbe0): undefined reference to `create_module'
collect2: ld returned 1 exit status
make[4]: *** [busybox_unstripped] Error 1

Solution:
Uncheck [ ] Support version 2.2.x to 2.4.x Linux kernels
or
# CONFIG_FEATURE_2_4_MODULES is not set