socket_helper: tunables for tcp_defer_accept/accept_filter
Under Linux, this allows users to tune the time (in seconds) to
defer connections before allowing them to be accepted. The
behavior of TCP_DEFER_ACCEPT changed with Linux 2.6.32 and idle
connections may still be accept()-ed after the specified value
in seconds. A small value of '1' remains the default for
Unicorn as Unicorn does not worry about slow clients. Higher
values provide better DoS protection for Rainbows! but also
increases kernel memory usage.
Allowing "dataready" for FreeBSD accept filters will allow
SSL sockets to be used in the future for HTTPS, too.
(cherry picked from commit
646cc762cc9297510102fc094f3af8a5a9e296c7)