Am 29.11.2011 23:44, schrieb Filip Rembiałkowski:
did you look at connlimit? http://www.netfilter.org/projects/patch-o-matic/pom-external.html#pom-external-connlimit AFAIK, it applies only to ESTABLISHED state, so maybe it suits you.
No, I didn't, and THANKS! That's exactly the hint I needed. I tried to use the hashlimit and/or recent matches with high burst rates and low limits, but that didn't work, and that's what I was hinting at.
I'm not sure how do you want to allow "many connections being created almost at once" and "limit number of connections from same IP" at the same time?
The intention being that I'm trying to limit the total amount of connections per client to something around 20; the behaviour of the clients is such that they create 10-15 connections in a very short burst (due to threaded accesses to the database), and (should) disconnect all of these in an interval of 10 minutes. When a client runs amok (which I've had twice this week), the batch of connections is not disconnected, and a single client gradually starts eating up all connections to the database, and thus hinders other clients from functioning. But: using connlimit should do the trick. I'll try that out immediately.
Thanks again! -- --- Heiko. -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
