I'm using socat
to forward traffic from a local port to a remote server over SSL. My command is as follows:
socat -d -d TCP-LISTEN:1234,fork,reuseaddr OPENSSL:192.168.1.2:1234,verify=0
However, I'm experiencing an issue where the child processes created by socat
are not terminating even after the client disconnects. When I close the client connection (using nc localhost 1234
to establish the connection and then press ctrl-C), I see the following in the socat
debug log:
2024/07/06 22:37:12 socat[146196] N listening on AF=10 [0000:0000:0000:0000:0000:0000:0000:0000]:1234
2024/07/06 22:37:14 socat[146196] N accepting connection from AF=10 [0000:0000:0000:0000:0000:ffff:7f00:0001]:41648 on AF=10 [0000:0000:0000:0000:0000:ffff:7f00:0001]:1234
2024/07/06 22:37:14 socat[146196] N forked off child process 146210
2024/07/06 22:37:14 socat[146196] N listening on AF=10 [0000:0000:0000:0000:0000:0000:0000:0000]:1234
Despite this, the child processes remain active. Here is a pgrep -a socat
output of hanging processes:
146196 socat -d -d TCP-LISTEN:1234,fork,reuseaddr OPENSSL:192.168.1.2:1234,verify=0
146210 socat -d -d TCP-LISTEN:1234,fork,reuseaddr OPENSSL:192.168.1.2:1234,verify=0
What I've Tried:
- Adding
keepalive
and it's settings options (based on this question): No improvement. -t
and-T
parameters: No improvement.
Observations:
- when I let the client end the session properly, the child process on the socat side shuts down properly
- by default, ten seconds after the client sends the EOF, socat prints this to logs, but the child process is still active.
N inactivity timeout triggered
N exiting with status 0
- here is the netstat output after 4 established connections:
tcp 0 1 10.0.0.21:37192 192.168.1.2:1234 SYN_SENT 217732/socat
tcp 0 1 10.0.0.21:44948 192.168.1.2:1234 SYN_SENT 217655/socat
tcp 0 1 10.0.0.21:44934 192.168.1.2:1234 SYN_SENT 217645/socat
tcp 0 1 10.0.0.21:44920 192.168.1.2:1234 SYN_SENT 217630/socat
tcp6 0 0 :::1234 :::* LISTEN 217531/socat
I create many forked connections and over time the server creates hundreds of hanging processes that allocate hundreds of megabytes of memory until the server crashes.
Any help or suggestions would be greatly appreciated!
netstat -anp | grep 1234
to see if gives any clues?