From: Michel Marti
Subject: Re: [PATCH] NTP protocol test
Date: Tue, 25 Jan 2005 12:40:13 +0100
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20041007 Debian/1.7.3-5

Jan-Henrik Haukeland wrote:
> I think this is a fine patch. However, and this has nothing to do with your patch, but we should really do something with the implementation of check_udp_socket(). Today, the way we test a UDP server is to send it one byte, which is bad, and the reason you had to add the workaround for socket_is_ready(). What we should do is to send an empty SYN packet and check for an ACK from the server. This means that to test a UDP server monit must run as root, since we have to use a raw socket. Same as it is today for icmp ping tests. This shouldn't be a problem?

SYN/ACK is part of TCP, so this cannot be used to test UDP connectivity. Looking at the manpage of nmap, they describe their UDP scan like this:
"UDP scans: This method is used to determine which UDP ports are open on a host. The technique is to send 0 byte UDP packets to each port on the target machine. If we receive an ICMP port unreachable message, then the port is closed. If a UDP response is received to the probe (unusual), the port is open. If we get no response at all, the state is "open|filtered", meaning that the port is either open or packet filters are blocking the communication."
I guess we could do the same in monit's UDP check!?!

Michel
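
The three outcomes in the nmap text, as an added example that is not part of the original message and is not monit's code. It assumes Linux, where a connected UDP socket reports an incoming ICMP port unreachable as ECONNREFUSED on the next recv(), so no raw socket or root is needed; `udp_probe`, `classify_udp_result` and the `udp_state` names are hypothetical.

```c
/* Added example: nmap-style UDP service check without a raw socket (Linux assumed). */
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <poll.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

typedef enum { UDP_OPEN, UDP_CLOSED, UDP_OPEN_OR_FILTERED, UDP_ERROR } udp_state;

/* Map the wait outcome onto the states from the nmap text.
 * ready: poll() result; n: recv() result; err: errno after recv(). */
udp_state classify_udp_result(int ready, ssize_t n, int err) {
    if (ready == 0) return UDP_OPEN_OR_FILTERED;   /* silence: cannot tell which */
    if (ready < 0) return UDP_ERROR;
    if (n >= 0) return UDP_OPEN;                   /* any datagram came back */
    if (err == ECONNREFUSED) return UDP_CLOSED;    /* ICMP port unreachable */
    return UDP_ERROR;
}

/* Hypothetical helper (not monit's check_udp_socket): probe one IPv4 address/port. */
udp_state udp_probe(const char *ip, unsigned short port, int timeout_ms) {
    struct sockaddr_in dst;
    memset(&dst, 0, sizeof dst);
    dst.sin_family = AF_INET;
    dst.sin_port = htons(port);
    if (inet_pton(AF_INET, ip, &dst.sin_addr) != 1) return UDP_ERROR;
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0) return UDP_ERROR;
    /* connect() on UDP only fixes the peer; it lets the kernel deliver ICMP errors. */
    if (connect(fd, (struct sockaddr *)&dst, sizeof dst) < 0 ||
        send(fd, "", 0, 0) < 0) {                  /* the 0-byte datagram */
        close(fd);
        return UDP_ERROR;
    }
    struct pollfd p = { .fd = fd, .events = POLLIN };
    int ready = poll(&p, 1, timeout_ms);
    char buf[512];
    ssize_t n = ready > 0 ? recv(fd, buf, sizeof buf, 0) : -1;
    int err = errno;                               /* save before close() */
    close(fd);
    return classify_udp_result(ready, n, err);
}

int main(void) {
    printf("127.0.0.1:123 -> state %d\n", udp_probe("127.0.0.1", 123, 500));
    return 0;
}
```

A timeout maps to "open|filtered" rather than to a failure, so a service check built on this still needs a protocol-level request that the server answers before it can report the service as up.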