diff options
author | dima <dima@FreeBSD.org> | 1997-10-29 21:49:04 +0000 |
---|---|---|
committer | dima <dima@FreeBSD.org> | 1997-10-29 21:49:04 +0000 |
commit | c811dec8d3d9b6851e050cf67f85125b699f5fe5 (patch) | |
tree | 4a4acfc180ee19b8f076d1de59cc212aaf2a0142 /usr.sbin/inetd/inetd.8 | |
parent | 45d91efdec8ea09a7c3d000beba82d6119347adf (diff) | |
download | FreeBSD-src-c811dec8d3d9b6851e050cf67f85125b699f5fe5.zip FreeBSD-src-c811dec8d3d9b6851e050cf67f85125b699f5fe5.tar.gz |
Add possibility to specify maximum number of connections per minute
for a given IP address.
This should be very effective against DoS attacks.
Diffstat (limited to 'usr.sbin/inetd/inetd.8')
-rw-r--r-- | usr.sbin/inetd/inetd.8 | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/usr.sbin/inetd/inetd.8 b/usr.sbin/inetd/inetd.8 index 29f0f6c..125c4e9 100644 --- a/usr.sbin/inetd/inetd.8 +++ b/usr.sbin/inetd/inetd.8 @@ -30,7 +30,7 @@ .\" SUCH DAMAGE. .\" .\" from: @(#)inetd.8 8.3 (Berkeley) 4/13/94 -.\" $Id: inetd.8,v 1.15 1997/10/27 22:03:44 ache Exp $ +.\" $Id: inetd.8,v 1.16 1997/10/28 13:46:51 ache Exp $ .\" .Dd February 7, 1996 .Dt INETD 8 @@ -100,7 +100,7 @@ fields of the configuration file are as follows: service name socket type protocol -{wait|nowait}[/max-child] +{wait|nowait}[/max-child[/max-connections-per-ip-per-minute]] user[:group][/login-class] server program server program arguments @@ -270,6 +270,12 @@ once the maximum is reached, further connection attempts will be queued up until an existing child process exits. This also works in the case of ``wait'' mode, although a value other than one (the default) might not make sense in some cases. +You can also specify the maximum number of connections per minute +for a given IP address by appending +a ``/'' followed by the number to the maximum number of +outstanding child processes. Once the maximum is reached, further +conections from this IP address will be dropped until the end of the +minute. .Pp The .Em user |