Skip to content
GitLab
  • Menu
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Trac Trac
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Issues 246
    • Issues 246
    • List
    • Boards
    • Service Desk
    • Milestones
  • Monitor
    • Monitor
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value stream
  • Wiki
    • Wiki
  • Activity
  • Create a new issue
  • Issue Boards
Collapse sidebar
  • Legacy
  • TracTrac
  • Issues
  • #469
Closed (moved) (moved)
Open
Created Jul 23, 2007 by weasel (Peter Palfrader)@weasel

please limit connections by client

I just had 213.26.168.50 perform a denial of service against Tor26. It opened over 5000 connections to tor26, which not only ate a bit of CPU, but also used up all available file descriptors, causing tor26 to drop new connections:

Jul 23 13:26:11.701 [notice] accept failed: Too many open files. Dropping incoming connection.

Please implement some limit of connections per clients. There are a few other minor abusers too, which probably means this also could use some thinking at the client:

sudo netstat -na | grep 86.59.21.38 > 38 cat 38 | grep ESTABLISHED | awk '{print $5}' | sed -e 's/:.*//' | sort | uniq -c | sort -n | tail [..] 11 61.60.x.y [slightly anonymized] 13 212.249.x.y 16 59.120.x.y 19 81.120.x.y 25 65.122.x.y 31 202.185.x.y 32 125.16.x.y 5649 213.26.x.y

cheers,

[Automatically added by flyspray2trac: Operating System: All]

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking