udpserver
Prev Kernun UTM Reference (7) Next

Name

udpserver — UDP session and process management in proxies

Description

UDP-based proxies in Kernun (e.g., udp-proxy) use a special library module called udpserver for the process and operation control.

Process control

There are two modes of udpserver operation. In the normal operational mode (parent/child mode), the proxy consists of a parent and up to three child processes.

parent process

The parent process monitors the children, restarts them if they terminate unexpectedly, and terminates them if proxy termination is requested by the administrator (via the kat utility).

regular process (REG)

The REG child process handles the real work of the proxy, that is, communication with clients and servers.

configuration resolver process (ACR)

The ACR child process tries to resolve all domain names from configuration (see resolving(7)). It starts at the proxy beginning and reschedules itself so that expired names can be resolved again.

run-time resolver process (APR)

The APR child process is used to process on-line resolving for the REG process so that it needs not to wait for nameservers' responses (see resolving(7)).

In the single-process mode (turned on by item singleproc in the configuration), the proxy consists of a single process. The configuration resolution is not refreshed, the proxy waits for online resolutions. This mode is intended for debugging purposes only.

Signals

The udpserver handles the following signals:

SIGINFO

Log process-specific information. This signal must be sent to a particular process and it is valid for the process only.

SIGUSR1

Increase the log level. This signal can be sent either to a child process (valid for the child only), or to the parent (to be resent to all its children).

SIGUSR2

Decrease the log level. This signal can be sent either to a child process (valid for the child only), or to the parent (to be resent to all its children).

SIGWINCH

Reopen the log file. If the proxy logs to a file, this signal forces it to reopen the log file (e.g. after the log file rotation). This signal can be exceptionally sent to a child process, but under the normal circumstances it should be sent to the parent (to be resent to all its children).

SIGHUP, SIGTERM, SIGINT, SIGQUIT

Immediate termination. The proxy immediately terminates all sessions and exits. This signal can be exceptionally sent to a child process, but under the normal circumstances it should be sent to the parent (to be resent to all its children).

Operation control

The udpserver receives incoming UDP datagrams, assigns them to proper active sessions (or creates new ones), controls time and data limitations for session termination etc. In the case of specific proxies (such as gk-proxy), udpserver calls proxy-specific functions for further processing.

See Also

listen-on(5), application(5), udpserver(5), resolving(7)

Authors

This man page is a part of Kernun Firewall.
Copyright © 2000–2023 Trusted Network Solutions, a. s.
All rights reserved.

Prev Up Next
transparency Home Kernun UTM Reference (8)