1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
Index: src/racoon/isakmp.c
===================================================================
RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/isakmp.c,v
retrieving revision 1.60
diff -u -r1.60 isakmp.c
--- a/src/racoon/isakmp.c 3 Sep 2009 09:29:07 -0000 1.60
+++ b/src/racoon/isakmp.c 20 Aug 2010 11:59:20 -0000
@@ -1579,6 +1579,7 @@
#ifdef ENABLE_NATT
int option = -1;
#endif
+ int rcvSize = 16384;
/* warn if wildcard address - should we forbid this? */
switch (addr->sa_family) {
@@ -1706,6 +1707,17 @@
goto err;
}
+ /* set receive buffer size - shouldn't be too large otherwise
+ * we can acommodate too long backbuffer of packets and not
+ * able to handle any packets in real time */
+ if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF,
+ (void*) &rcvSize, sizeof(rcvSize)) < 0) {
+ plog(LLV_ERROR, LOCATION, NULL,
+ "failed to set SO_RCVBUF size (%s).\n",
+ strerror(errno));
+ /* soft-error, continue even if this failed */
+ }
+
if (setsockopt_bypass(fd, addr->sa_family) < 0)
goto err;
|
