From owner-freebsd-hackers  Sun Jun 23 20:15:43 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from cheer.mahoroba.org (flets19-004.kamome.or.jp [218.45.19.4])
	by hub.freebsd.org (Postfix) with ESMTP
	id 960EA37B409; Sun, 23 Jun 2002 20:15:37 -0700 (PDT)
Received: from piano.mahoroba.org (IDENT:f6RvM/w6Di9xvvGOU3DjOCMKn5KZyKU0daqbg7g/dEwasyXev4UiMVN1EfY8YoiB@[IPv6:2002:d37e:1a7c::1])
	(user=ume mech=CRAM-MD5 bits=0)
	by cheer.mahoroba.org (8.12.4/8.12.4) with ESMTP/inet6 id g5O3FMIk094064
	(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO);
	Mon, 24 Jun 2002 12:15:28 +0900 (JST)
	(envelope-from ume@mahoroba.org)
Date: Mon, 24 Jun 2002 12:15:19 +0900
Message-ID: <ygefzzdz7so.wl@piano.mahoroba.org>
From: Hajimu UMEMOTO <ume@mahoroba.org>
To: Terry Lambert <tlambert2@mindspring.com>
Cc: Giorgos Keramidas <keramida@FreeBSD.org>, hackers@FreeBSD.org
Subject: Re: Limiting clients per source IP address (ftpd, inetd, etc.)
In-Reply-To: <3D129CA8.EFADA4FF@mindspring.com>
References: <20020621000924.GA2178@hades.hell.gr>
	<3D129CA8.EFADA4FF@mindspring.com>
User-Agent: xcite1.38> Wanderlust/2.9.13 (Unchained Melody) SEMI/1.14.3
 (Ushinoya) FLIM/1.14.3 (=?ISO-8859-4?Q?Unebigory=F2mae?=) APEL/10.3
 Emacs/21.2 (i386--freebsd) MULE/5.0 (=?ISO-2022-JP?B?GyRCOC1MWhsoQg==?=)
X-Operating-System: FreeBSD 4.6-RELEASE
MIME-Version: 1.0 (generated by SEMI 1.14.3 - "Ushinoya")
Content-Type: text/plain; charset=US-ASCII
X-Virus-Scanned: by AMaViS-perl11-milter (http://amavis.org/)
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

Hi,

>>>>> On Thu, 20 Jun 2002 20:25:28 -0700
>>>>> Terry Lambert <tlambert2@mindspring.com> said:

tlambert2> Giorgos Keramidas wrote:
> I've been thinking for quite some time to add per-client-IP limiting
> to ftpd, and I had almost decided upon something like the following,
> where each child of ftpd has two numbers associated with it.  The
> client IP address, and the PID of the ftpd child that serves it.  The
> hash at the beginning of the lists serves as a minor assistance in
> splitting the 2^32 address space in smaller chunks so that we don't
> end up with a singly linked list of a few thousand entries.

tlambert2> Someone just did something similar for inetd (per IP per port).

Yes, it's me.  I already rewrote my patch to use open hash as you
mentioned.  My patch is in testing on snapshots.jp.FreeBSD.org (thank
you Matusita-san).
You can find my patch from:

  http://www.imasy.or.jp/~ume/FreeBSD/inetd-perip-hash-5c.diff (for 5-CURRENT)
  http://www.imasy.or.jp/~ume/FreeBSD/inetd-perip-hash-4s.diff (for 4-STABLE)

Sincerely,

--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume@mahoroba.org  ume@bisd.hitachi.co.jp  ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message