dccproc eating up 98% of the CPU

Ruben Safir Secretary NYLXS ruben@mrbrklyn.com
Sat Oct 2 03:09:34 UTC 2004

On Fri, Oct 01, 2004 at 08:51:45PM -0600, Vernon Schryver wrote:
> > From: Ruben Safir Secretary NYLXS 
> > I don't know how I can say this or demonstrate this more convincingly
> > but there is no firewall
> Ok.  What do you figure is the problem?  Do you think that 
>    - the public DCC servers have filters against you?
>       I don't recall an explicit statement of your IP address, but I
>       don't see in
>       http://www.rhyolite.com/anti-spam/dcc/client-blacklist
>   - a bug in the DCC code that only affects your system, and that
>       causes `cdcc info` to be unable to raise any DCC servers and
>       dccproc to loop?

I'm using broken or old code :)

I have no doubts its my fault, I was just going nuts trying to fix it.
You nailed it with the wrong dcc version.  I was using 1.26 or something
like that.  

> If "masquarading" means what I think it means, it *is* a firewall
> of sorts.

Well, it's using IP Tables to masquared, but no firewall port blocking

#/sbin/route add -net netmask reject #above.net spam
/sbin/route add default gw dev eth1
/sbin/route add gw dev eth1

/usr/sbin/iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

## NAT Setup for flatbush
/sbin/ifconfig eth1:1 netmask
/usr/sbin/iptables -t nat -A PREROUTING -d -i eth1 -j DNAT \
/usr/sbin/iptables -t nat -A PREROUTING -p tcp -d -i eth1 \
	   --dport 80 -j DNAT --to-destination
/usr/sbin/iptables -t nat -A PREROUTING -p tcp -d -i eth1 \
	   --dport 443 -j DNAT --to-destination

Thats the script I wrote for the masqurading.  I could know a lot more about

> yes, but as I said before, can UDP packets from UDP port 6277 on 
> one of the public DCC servers reach your system?

How do you test that if you don't have something listening on that  port?

> Why shouldn't trying to send 2048 UDP packets, each with a random
> payload of 8 KBytes to a public DCC server as fast as possible be
> seen as a denial of service attack that requires permanently
> blacklisting you and everyone you know?

Say again?  Did I create a DOS event?  Very sorry.  If was not intentional, and only a few 
seconds to a single host.


Brooklyn Linux Solutions

So many immigrant groups have swept through our town 
that Brooklyn, like Atlantis, reaches mythological 
proportions in the mind of the world  - RI Safir 1998

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002

http://www.mrbrklyn.com - Consulting
http://www.inns.net <-- Happy Clients
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive or stories and articles from around the net
http://www2.mrbrklyn.com/downtown.html - See the New Downtown Brooklyn....

More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.