diff options
author | June McEnroe <june@causal.agency> | 2021-10-03 16:18:34 -0400 |
---|---|---|
committer | June McEnroe <june@causal.agency> | 2021-10-03 16:18:34 -0400 |
commit | d8707c43361dc322859e5bdd3a55abc29c4d0c90 (patch) | |
tree | e2ef00e53df7c85bfda231a7e9af4761b6b5a698 | |
parent | Intercept client PONG (diff) | |
download | pounce-d8707c43361dc322859e5bdd3a55abc29c4d0c90.tar.gz pounce-d8707c43361dc322859e5bdd3a55abc29c4d0c90.zip |
Remove TCP keepalive settings
TCP keepalives were originally enabled to solve the problem of client connections staying idle for long periods of time, due to pounce not relaying PINGs from the server. Long-idle TCP connections are likely to be dropped by NAT routers, causing timeouts. Unfortunately, the TCP_KEEPIDLE socket option is not available on OpenBSD, so this was useless for pounce running there. The default timeout before sending keepalives is 2 hours, which is far longer than the timeout used by NAT routers, which seems to be 30 minutes. Now that pounce sends its own PINGs to idle clients approximately every 15 minutes, these TCP keepalive settings are unnecessary.
-rw-r--r-- | local.c | 17 |
1 files changed, 1 insertions, 16 deletions
diff --git a/local.c b/local.c index 92220c4..8d3ff4d 100644 --- a/local.c +++ b/local.c @@ -31,7 +31,6 @@ #include <limits.h> #include <netdb.h> #include <netinet/in.h> -#include <netinet/tcp.h> #include <stdbool.h> #include <stdio.h> #include <stdlib.h> @@ -49,10 +48,6 @@ #include "bounce.h" -#ifdef __APPLE__ -#define TCP_KEEPIDLE TCP_KEEPALIVE -#endif - static struct tls *server; static byte *readFile(size_t *len, FILE *file) { @@ -248,17 +243,7 @@ int localAccept(struct tls **client, int bind) { fd = sent; } - int on = 1; - int error = setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)); - if (error) err(EX_OSERR, "setsockopt"); - -#ifdef TCP_KEEPIDLE - int idle = 15 * 60; - error = setsockopt(fd, IPPROTO_TCP, TCP_KEEPIDLE, &idle, sizeof(idle)); - if (error) err(EX_OSERR, "setsockopt"); -#endif - - error = tls_accept_socket(server, client, fd); + int error = tls_accept_socket(server, client, fd); if (error) errx(EX_SOFTWARE, "tls_accept_socket: %s", tls_error(server)); return fd; |