Hi!
Our problem: Every so often a client in the internal net runs amok and
hammers the proxy with about 50 (!) connections per second.
Squid does handle this, but it's really futile -- we'd like to stop
the client before squid gets to see the packets.
So I thought iptables --limit could do the trick.
Before I reinvent the whell, I'd like to ask if someone already has
such a "connection rate limiter per IP" in place (and how it looks).
-- Ralf Hildebrandt (Im Auftrag des Referat V a) Ralf.Hildebrandt@charite.de Charite Campus Mitte Tel. +49 (0)30-450 570-155 Referat V a - Kommunikationsnetze - Fax. +49 (0)30-450 570-916 AIM: ralfpostfixReceived on Mon Jun 16 2003 - 01:50:02 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:17:22 MST