Re: limiting connections per IP w/FreeBSD ftpd?

• Previous message: Andrew Gallatin: "Re: limiting connections per IP w/FreeBSD ftpd?"
• In reply to: Andrew Gallatin: "limiting connections per IP w/FreeBSD ftpd?"
• Next in thread: Andrew Gallatin: "Re: limiting connections per IP w/FreeBSD ftpd?"
• Reply: Andrew Gallatin: "Re: limiting connections per IP w/FreeBSD ftpd?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 30 May 2003 17:38:21 +0400 (MSD)
To: Andrew Gallatin <gallatin@cs.duke.edu>

On 09:25-0400, May 30, 2003, Andrew Gallatin wrote:

>
> At my company, some bonehead (not sure if it was maliciousness or just
> a stupid customer), opened 60 simultaneous connections to our ftp
> server and totally swamped our T1. This is the second or third time
> this has happened recently.
>
> So I'm looking for some way to limit the number of connections per-IP.
> I understand this may be bad for sites behind NAT boxes, or for
> multiuser systems, and I don't want to start a thread debating its
> merits.
>
> I'd like to avoid downgrading to one of the swiss-army knife ftpds
> that always seems to have a vulnerability in the headlines, but I
> don't have time to hack FreeBSD ftpd myself.
>
> So: Does anybody have patches to allow FreeBSD's ftpd to limit
> connections per IP? Or am I stuck with proftpd or wuftpd

a) run ftpd from inetd -s<number>, man inetd;

b) ipfw2 limit src-addr, man ipfw.

-- 
Maxim Konovalov, maxim@macomnet.ru, maxim@FreeBSD.org
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

• Previous message: Andrew Gallatin: "Re: limiting connections per IP w/FreeBSD ftpd?"
• In reply to: Andrew Gallatin: "limiting connections per IP w/FreeBSD ftpd?"
• Next in thread: Andrew Gallatin: "Re: limiting connections per IP w/FreeBSD ftpd?"
• Reply: Andrew Gallatin: "Re: limiting connections per IP w/FreeBSD ftpd?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages limiting connections per IP w/FreeBSD ftpd? ... server and totally swamped our T1. ... This is the second or third time ... So I'm looking for some way to limit the number of connections per-IP. ... Does anybody have patches to allow FreeBSD's ftpd to limit ... (freebsd-net) Re: FTP server ... FTPD: Starting Ftp server ... FTPD: Received 1 incoming connections!! ... ScheduleEvent() - cookie = 1 ... (microsoft.public.windowsce.embedded) Re: FTP server ... FTPD: Starting Ftp server ... FTPD: Received 1 incoming connections!! ... ScheduleEvent() - cookie = 1 ... (microsoft.public.windowsce.embedded) diagnosing FTPD ... From couple of days I see entries in my /var/log/messages ... Currently there are about 200 connections and all is ok - ftpd is ... no coredump or big load. ... My assumptions is that hosts open too many connections and on closing ... (freebsd-questions) Re: WebRequest times out...but only 3rd time and on... ... the second time but at the third time it ... fails with timeout... ... responses are "hogging" the connections it's made. ... (microsoft.public.dotnet.languages.csharp)