Software /
code /
prosody-modules
Annotate
mod_s2s_smacks_timeout/README.md @ 5930:cc30c4b5f006
mod_audit_auth: Allow suppressing repeated failure/success log entries from the same IP for a time
This can be triggered by e.g. a distributed brute force attack, or from Monal.
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Mon, 13 May 2024 18:30:18 +0100 |
parent | 5788:78368d2865dd |
rev | line source |
---|---|
5788
78368d2865dd
mod_s2s_smacks_timeout: Add note about being merged in trunk mod_s2s
Kim Alvefur <zash@zash.se>
parents:
4981
diff
changeset
|
1 --- |
78368d2865dd
mod_s2s_smacks_timeout: Add note about being merged in trunk mod_s2s
Kim Alvefur <zash@zash.se>
parents:
4981
diff
changeset
|
2 labels: |
78368d2865dd
mod_s2s_smacks_timeout: Add note about being merged in trunk mod_s2s
Kim Alvefur <zash@zash.se>
parents:
4981
diff
changeset
|
3 - Stage-Obsolete |
78368d2865dd
mod_s2s_smacks_timeout: Add note about being merged in trunk mod_s2s
Kim Alvefur <zash@zash.se>
parents:
4981
diff
changeset
|
4 --- |
78368d2865dd
mod_s2s_smacks_timeout: Add note about being merged in trunk mod_s2s
Kim Alvefur <zash@zash.se>
parents:
4981
diff
changeset
|
5 |
4981
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 # Introduction |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 |
5788
78368d2865dd
mod_s2s_smacks_timeout: Add note about being merged in trunk mod_s2s
Kim Alvefur <zash@zash.se>
parents:
4981
diff
changeset
|
8 ::: {.alert .alert-warning} |
78368d2865dd
mod_s2s_smacks_timeout: Add note about being merged in trunk mod_s2s
Kim Alvefur <zash@zash.se>
parents:
4981
diff
changeset
|
9 This behavior has now been merged into |
78368d2865dd
mod_s2s_smacks_timeout: Add note about being merged in trunk mod_s2s
Kim Alvefur <zash@zash.se>
parents:
4981
diff
changeset
|
10 [mod_s2s][doc:modules:mod_s2s] in trunk and is therefore obsolete |
78368d2865dd
mod_s2s_smacks_timeout: Add note about being merged in trunk mod_s2s
Kim Alvefur <zash@zash.se>
parents:
4981
diff
changeset
|
11 when used with trunk. |
78368d2865dd
mod_s2s_smacks_timeout: Add note about being merged in trunk mod_s2s
Kim Alvefur <zash@zash.se>
parents:
4981
diff
changeset
|
12 |
78368d2865dd
mod_s2s_smacks_timeout: Add note about being merged in trunk mod_s2s
Kim Alvefur <zash@zash.se>
parents:
4981
diff
changeset
|
13 It can still be used with Prosody 0.12 to get this behavior. |
78368d2865dd
mod_s2s_smacks_timeout: Add note about being merged in trunk mod_s2s
Kim Alvefur <zash@zash.se>
parents:
4981
diff
changeset
|
14 ::: |
78368d2865dd
mod_s2s_smacks_timeout: Add note about being merged in trunk mod_s2s
Kim Alvefur <zash@zash.se>
parents:
4981
diff
changeset
|
15 |
4981
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 This module closes s2s connections when |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 [mod_smacks][doc:modules:mod_smacks] reports that a connection has not |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 received a timely acknowledgement as requested, indicating that the |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 connection is broken or the remote server is not responding. |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 With the connection closed, the next stanza to be directed to that |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
22 server will trigger Prosody to establish a new connection, instead of |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 queueing it on the potentially broken connection. |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 This should prevent messages from being stuck in a queue for a |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 potentially long time before being bounced back to the sender as |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 delivery failure reports. |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 Normally the amount of time it takes for a broken connection to time out |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 is determined by TCP. |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 If this is deemed sensible behavior then it will likely be merged into |
f0fe95f9e21c
mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 Prosody itself somewhere. |