On Mon, Nov 01, 2004 at 11:19:47AM -0500, Payal Rathod wrote:
> On Mon, Nov 01, 2004 at 10:04:46AM -0500, Jason Opperisano wrote:
> > yeah, in your web server configuration, set the maximum number of
> > simultaneous connections to 10.
>
> Not all webservers (especially windows based) might support it. Also
they should (and yes, IIS does have a max conns setting).
> what if the server in question is not a webserver but some simple server with
> no such capabalities.
k.
> Hence I was looking at iptables to solve it for me.
> The reason is that I am scared to re-make a core utility such as
> iptables from a tar ball. I prefer rpm for such cases.
> I have Mandrake 10.0 (official).
which brings us back to connlimit... take a test machine, follow the
procedure for patching your kernel via POM, and instead of making and
installing the kernel, do a 'make rpm' and upgrade your production
firewall with that rpm (after testing it, of course)... making &
installing iptables from source will default to /usr/local/sbin, so it
won't interfere with your rpm-installed iptables.
the question "i want a feature from POM, but don't want to have to
compile anything" isn't very much in the spirit of linux, IMHO...maybe
i'm just a crusty old man in that respect.
-j
--
"Lisa, if the Bible has taught us nothing else, and it hasn't, it's
that girls should stick to girls sports, such as hot oil wrestling
and foxy boxing and such and such."
--The Simpsons
