Re: [389-users] Safeguarding against to many established connections | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
----- Missatge original ----- > On 10/19/2010 12:11 PM, Gerrard Geldenhuis wrote: > > Hi We have recently seen an issue were a single client opened up > > more than 800 established connections to our directory server. The > > client did have the proper settings configured and should have > > closed connections but it did'nt. Is there a way to limit the amount > > of connections per client or close connections from the server side > > after a certain period? Without just making the amount of > > connections ridicuosly high on the directory server how can you > > safeguard against rogue clients. > > > > Our client setting is as follows: > > idle_timelimit 5 > > timelimit 10 > > bind_timelimit 5 > > > > We were unable to log into client and it had file system issues so > > we could not do any further analyses there. > > > > I suspect that solutions to this problem probably falls outside of > > what can be configured in 389? > > While it's not a 389-specific suggestion, iptables could easily solve > this problem for you across the board. :) > there's also a setting to close idle connections after X seconds. is somewhere in the 389 console, i can't remember now exactly. abosch -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
[Fedora Directory Devel] [Fedora Announce] [Fedora Legacy Announce] [Home] [Fedora Tools] [Kernel] [Fedora Legacy] [Share Photos] [Fedora Desktop] [PAM] [Red Hat Watch] [Red Hat Development] [Red Hat 9 Bible] [Red Hat 9] [Big List of Linux Books] [Gimp] [Yosemite News]