[ previous ] [ next ] [ threads ]
 From:  Manuel Kasper <mk at neon1 dot net>
 To:  Ron Rosson <ron at oneinsane dot net>
 Cc:  M0n0wall <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] HTTP Crash
 Date:  Sun, 18 Jul 2004 19:24:44 +0200
On 18.07.2004 09:41 -0700, Ron Rosson wrote:

> Running 1.1.b16 and I was testing something on my network and I ran
> an NMAP. (nmap -n nothing fancy but it killed the
> HTTP server which is running on 443.  Can any one explain why a
> simple nmap can crash the m0n0wall interface.

You're right, I've been able to reproduce the problem here. Turns out
that it's a bug in mini_httpd - when accept() returns ECONNABORTED
(because the connection from nmap had already been closed while it
was still waiting in the listen queue), it simply exits ("accept:
Software caused connection abort"). The fix is trivial and the next
release will include a patched mini_httpd. I'll report this to the
author of mini_httpd as well.


- Manuel