Limiting INN's NNRP connections per IP
rra at stanford.edu
Mon Aug 26 19:15:24 UTC 2002
Jeffrey M Vinocur <jeff at litech.org> writes:
> Looks like xinetd can do both sorts of limiting (though I don't think
> you can customize the ratelimit by IP address). From xinetd.conf(5):
> per_source Takes an integer or "UNLIMITED" as an
> argument. This specifies the maximum
> instances of this service per source IP
> address. This can also be specified in
> the defaults section.
> cps Limits the rate of incoming connections.
> Takes two arguments. The first argument
> is the number of connections per second
> to handle. If the rate of incoming con-
> nections is higher than this, the service
> will be temporarily disabled. The second
> argument is the number of seconds to wait
> before re-enabling the service after it
> has been disabled.
Sounds like maybe we should just recommend that people with this need run
nnrpd from under xinetd. (Is it portable to operating systems other than
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
Please send questions to the list rather than mailing me directly.
<http://www.eyrie.org/~eagle/faqs/questions.html> explains why.
More information about the inn-workers