Mailing List Archive

#1087: Requests dropped due to long headers are invisible
#1087: Requests dropped due to long headers are invisible
----------------------+-----------------------------------------------------
Reporter: kristian | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: varnishd | Version: trunk
Severity: normal | Keywords:
----------------------+-----------------------------------------------------
Currently Varnish will not be very specific if a connection is dropped due
to overly long headers. It's assumed to be an attack or otherwise
malicious.

This makes it close to impossible for sysadmins to determine that it's
happening and why.

There needs to be a log entry for this, otherwise this can itself be used
to mask attacks....

--
Ticket URL: <https://www.varnish-cache.org/trac/ticket/1087>
Varnish <https://varnish-cache.org/>
The Varnish HTTP Accelerator

_______________________________________________
varnish-bugs mailing list
varnish-bugs@varnish-cache.org
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-bugs
Re: #1087: Requests dropped due to long headers are invisible [ In reply to ]
#1087: Requests dropped due to long headers are invisible
----------------------+-----------------------------------------------------
Reporter: kristian | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: varnishd | Version: trunk
Severity: normal | Keywords:
----------------------+-----------------------------------------------------

Comment(by martin):

This is part of the logs. In 3.0 there will be a SLT_SessionClose log
entry with the value "blast" when this happens. In trunk the message is
more descriptive and can include both "EOF" and "overflow". Should be
sufficient IMHO.

Close this issue?

--
Ticket URL: <https://www.varnish-cache.org/trac/ticket/1087#comment:1>
Varnish <https://varnish-cache.org/>
The Varnish HTTP Accelerator

_______________________________________________
varnish-bugs mailing list
varnish-bugs@varnish-cache.org
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-bugs
Re: #1087: Requests dropped due to long headers are invisible [ In reply to ]
#1087: Requests dropped due to long headers are invisible
----------------------+-----------------------------------------------------
Reporter: kristian | Owner:
Type: defect | Status: closed
Priority: normal | Milestone:
Component: varnishd | Version: trunk
Severity: normal | Resolution: worksforme
Keywords: |
----------------------+-----------------------------------------------------
Changes (by martin):

* status: new => closed
* resolution: => worksforme


Comment:

After a discussion with Kristian we came to the conclusion that the
necessary information is part of the shm log, and that this is not an
issue. Closing this ticket as 'worksforme'.

--
Ticket URL: <https://www.varnish-cache.org/trac/ticket/1087#comment:2>
Varnish <https://varnish-cache.org/>
The Varnish HTTP Accelerator

_______________________________________________
varnish-bugs mailing list
varnish-bugs@varnish-cache.org
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-bugs