Limiting INN's NNRP connections per IP

Russ Allbery rra at
Mon Aug 26 19:15:24 UTC 2002

Jeffrey M Vinocur <jeff at> writes:

> Looks like xinetd can do both sorts of limiting (though I don't think
> you can customize the ratelimit by IP address).  From xinetd.conf(5):

>        per_source       Takes  an  integer  or  "UNLIMITED" as an
>                         argument.   This  specifies  the  maximum
>                         instances  of  this service per source IP
>                         address.  This can also be  specified  in
>                         the defaults section.

>        cps              Limits  the rate of incoming connections.
>                         Takes two arguments.  The first  argument
>                         is  the  number of connections per second
>                         to handle.  If the rate of incoming  con-
>                         nections is higher than this, the service
>                         will be temporarily disabled.  The second
>                         argument is the number of seconds to wait
>                         before re-enabling the service  after  it
>                         has been disabled.

Sounds like maybe we should just recommend that people with this need run
nnrpd from under xinetd.  (Is it portable to operating systems other than

Russ Allbery (rra at             <>

    Please send questions to the list rather than mailing me directly.
     <> explains why.

More information about the inn-workers mailing list