Re: [389-users] Safeguarding against to many established connections

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



----- Missatge original -----
> On 10/19/2010 12:11 PM, Gerrard Geldenhuis wrote:
> > Hi We have recently seen an issue were a single client opened up
> > more than 800 established connections to our directory server. The
> > client did have the proper settings configured and should have
> > closed connections but it did'nt. Is there a way to limit the amount
> > of connections per client or close connections from the server side
> > after a certain period? Without just making the amount of
> > connections ridicuosly high on the directory server how can you
> > safeguard against rogue clients.
> >
> > Our client setting is as follows:
> > idle_timelimit 5
> > timelimit 10
> > bind_timelimit 5
> >
> > We were unable to log into client and it had file system issues so
> > we could not do any further analyses there.
> >
> > I suspect that solutions to this problem probably falls outside of
> > what can be configured in 389?
> 
> While it's not a 389-specific suggestion, iptables could easily solve
> this problem for you across the board. :)
> 

there's also a setting to close idle connections after X seconds. is somewhere in the 389 console, i can't remember now exactly.


abosch
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users


[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux