----- Missatge original ----- > On 10/19/2010 12:11 PM, Gerrard Geldenhuis wrote: > > Hi We have recently seen an issue were a single client opened up > > more than 800 established connections to our directory server. The > > client did have the proper settings configured and should have > > closed connections but it did'nt. Is there a way to limit the amount > > of connections per client or close connections from the server side > > after a certain period? Without just making the amount of > > connections ridicuosly high on the directory server how can you > > safeguard against rogue clients. > > > > Our client setting is as follows: > > idle_timelimit 5 > > timelimit 10 > > bind_timelimit 5 > > > > We were unable to log into client and it had file system issues so > > we could not do any further analyses there. > > > > I suspect that solutions to this problem probably falls outside of > > what can be configured in 389? > > While it's not a 389-specific suggestion, iptables could easily solve > this problem for you across the board. :) > there's also a setting to close idle connections after X seconds. is somewhere in the 389 console, i can't remember now exactly. abosch -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users