Date: Tue, 6 Feb 2001 08:45:44 -0600 From: Lucas Bergman <lucas@slb.to> To: Neil Blakey-Milner <nbm@mithrandr.moria.org> Cc: freebsd-questions@freebsd.org Subject: Re: Limiting connections w/ ftpd Message-ID: <20010206084544.A23072@billygoat.slb.to> In-Reply-To: <20010206101815.A52096@rapier.smartspace.co.za>; from nbm@mithrandr.moria.org on Tue, Feb 06, 2001 at 10:18:15AM %2B0200 References: <009d01c08f3d$f7a77de0$0101a8c0@pavilion> <20010205084218.A19317@billygoat.slb.to> <20010206101815.A52096@rapier.smartspace.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
> > > I've been recently getting flooded with connections via ftp, and > > > I was wondering how to limit ftp connections per IP address to > > > stop "connection floods" from a single host name. I can't find > > > much documentation on the standard FreeBSD "ftpd" that explains > > > how this would be done. > > > > ftpd doesn't know how many simultaneous connections are being > > made, since each ftpd only handles one connection; inetd handles > > the starting of multiple daemons. Stock inetd does not have a > > facility for concurrency limits. You'll have to use /TCP > > Wrappers/ or /ucspi-tcp/; they're both in ports. I've used > > /ucspi-tcp/ with good results. > > While ucspi-tcp is often my preferred solution, you're wrong about > FreeBSD's inetd; it can do concurrency and time-based limits. From > the inetd man page: You are, of course, correct. That will teach me to write answers early in the morning. What I /meant/ was that stock inetd does not "good" control of concurrency. In particular, it causes what many people, including myself, consider unnecessary interruptions in popular services. That was why I originally made the switch; I was tired of my services hanging up for ten minutes at a time, for example, when I imposed a limit. I, too, dislike when people take their personal preferences and pass them off as gospel truth. My careless sentence about inetd above did just that. *Cringe* Thanks, Lucas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010206084544.A23072>