From owner-freebsd-questions Wed Jan 2 6:37:38 2002 Delivered-To: freebsd-questions@freebsd.org Received: from femail28.sdc1.sfba.home.com (femail28.sdc1.sfba.home.com [24.254.60.18]) by hub.freebsd.org (Postfix) with ESMTP id 78F3937B446 for ; Wed, 2 Jan 2002 06:37:06 -0800 (PST) Received: from main ([24.14.243.57]) by femail28.sdc1.sfba.home.com (InterMail vM.4.01.03.20 201-229-121-120-20010223) with SMTP id <20020102143706.JCXM20568.femail28.sdc1.sfba.home.com@main>; Wed, 2 Jan 2002 06:37:06 -0800 Message-ID: <000401c1939a$de3338b0$0300a8c0@jayyness.com> From: "Totally Jayyness" To: "Odhiambo Washington" , References: <000f01c19394$42196d10$0300a8c0@jayyness.com> <20020102171727.E49613@ns2.wananchi.com> Subject: Re: Kicking a single user off httpd Date: Wed, 2 Jan 2002 07:36:30 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Thanks for the quick reply, Wash. I don't want to completely block that user from my web space forever... I am just looking for a way to kick his connection off long enough for whatever program he was using (probably just a web browser) to time-out when it was trying to auto-reconnect (which apparently is does with a vigor). But that is a good question, since I don't know the answer to it. Say I do find a user on my system that I don't want on my system. How do I kick that one user off initially? And then I supposed I could use your suggestion to prevent that user from coming back. Let me see if I can understand the option you suggested. This would ONLY allow those that I wished onto my server.... I actually don't want to lock down my server because I would be locking myself out also, I like having access to my tunes wherever I go. But can I use this to specifically deny certain ips? Let me doctor the below with what I would put in in actuality and see if it is right. > is my directory > Order allow,deny Do I put the ips here? Or does this just let it know what order they come in for the other lines? Do I do it like this to allow the .5 but deny the .4? Order allow,deny 192.168.0.5,192.168.0.4 Or do I do it like this, removing the Order allow,deny and replace it with something like this? Also, how do you seperate multiple IPs? Just with a space, but the comma seperates the allow,denies? Order 192.168.0.5,192.168.0.4 > AllowOverride None Not sure what this does > Allow from .some_domain.com I supposed I could use this like this? And if I wanted multiple domains, just and new lines? Allow from .dyndns.com Allow from .jayyness.com > Oh, and thanks for replying directly as I am not a subscriber to the questions-list. ----- Original Message ----- From: "Odhiambo Washington" To: Cc: Sent: Wednesday, January 02, 2002 7:17 AM Subject: Re: Kicking a single user off httpd > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > * Totally Jayyness [20020102 16:48]: wrote: > > I know how to kill and restart this process... just don't know how to kick a > > single user. Better explain the situation as I am not sure how to ask my > > question really. > > > > I recently set up a FreeBSD 4.4 mp3/ftp server. If you go to my website, it > > is just a directory listing of all my mp3s with playlist songs to stream > > mp3s from the web. > > > > Well, while trying to listen to my mp3s this morning, they were super > > choppy. Winamp couldn't keep up with the buffer. I log into my server and > > find that there are like 40+ connections to port 80 from one single IP.... > > So this person must be d/ling MP3s directly from my web interface instead of > > requesting ftp access to my site.... so I do a killall -HUP httpd which > > kills all the connections and restarts my daemon... check netstat -Aan and > > everything looks normal.... my mp3s start streaming nicely... for about 1 > > minute (probably less). Check netstat -Aan again and all the 40+ > > connections are back... > > > > Can I kill that user off of httpd? If so, what commands do I use? > > Kill is rather difficult, IMO. Why don't you use the restrictions that > come as directives in httpd.conf to restrict who can access your server? > > > Order allow,deny > AllowOverride None > Allow from .some_domain.com > > > Or so I think ;) > > > - -Wash > > S y s t e m s A d m i n. > > - -- > Odhiambo Washington "The box said 'Requires > Wananchi Online Ltd. www.wananchi.com Windows 95, NT, or better,' > Tel: 254 2 313985-9 Fax: 254 2 313922 so I installed FreeBSD." > GSM: 254 72 743 223 GSM: 254 733 744 121 This sig is McQ! :-) > > ++ > Why can't you be a non-conformist like everyone else? > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.6 (FreeBSD) > Comment: For info see http://www.gnupg.org > > iD8DBQE8MxZ1n7LIsuxjem8RAvIqAJ44vkhhiwZQNIcmBG9Cu5bhGGxv/gCeOQCA > 8EB3vH5ftOF4L72CAfHna8s= > =Ptwx > -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message