Limiting INN's NNRP connections per IP
Russ Allbery
rra at stanford.edu
Mon Aug 26 19:15:24 UTC 2002
Jeffrey M Vinocur <jeff at litech.org> writes:
> Looks like xinetd can do both sorts of limiting (though I don't think
> you can customize the ratelimit by IP address). From xinetd.conf(5):
> per_source Takes an integer or "UNLIMITED" as an
> argument. This specifies the maximum
> instances of this service per source IP
> address. This can also be specified in
> the defaults section.
> cps Limits the rate of incoming connections.
> Takes two arguments. The first argument
> is the number of connections per second
> to handle. If the rate of incoming con-
> nections is higher than this, the service
> will be temporarily disabled. The second
> argument is the number of seconds to wait
> before re-enabling the service after it
> has been disabled.
Sounds like maybe we should just recommend that people with this need run
nnrpd from under xinetd. (Is it portable to operating systems other than
Linux?)
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
Please send questions to the list rather than mailing me directly.
<http://www.eyrie.org/~eagle/faqs/questions.html> explains why.
More information about the inn-workers
mailing list