From:
http://www.mail-archive.com/dev@httpd.apache.org/msg37189.html
Hi!
Attached is a version of mod_limitipconn.c that works in conjunction with
mod_cache and httpd-2.2. We've been using this on ftp.acc.umu.se for some
time now without any unwanted issues.
The main problem with mod_limitipconn-0.22 was that since mod_cache runs as
a quick handler, mod_limitipconn also must run as a quick handler with all
those benefits and drawbacks.
Download the tarball from http://dominia.org/djao/limitipconn2.html , extract
it, and replace mod_limitipconn.c with this version and follow the build
instructions.
I would really wish that this was made part of httpd, it's really needed when
running a file-download site due to the scarily large amount of demented
download manager clients out there.
However, I have not received any response from the original author on the
matter. From what I have understood of the license it should be OK to merge
into httpd if you want though, but I think that you guys are way more clued
in that matter than me.
This is a summary of the changes made:
* Rewritten to run as a Quick Handler, before mod_cache.
* Configuration directives are now set per VHost (Directory/Location
are available after the Quick Handler has been run). This means that
any
* Fixed configuration merging, so per-vhost settings use defaults set
at the server level.
* By running as a Quick Handler we don't go through the entire lookup
phase (resolve path, stat file, etc) before we get the possibility
to block a request. This gives a clear performance enhancement.
* Made the handler exit as soon as possible, doing the "easy" checks
first.
* Don't do subrequest to lookup MIME type if we don't have mime-type
specific config.
* Count connections in closing and logging state too, we don't want to
be DOS'd by clients behind buggy firewalls and so on.
* Added debug messages for easy debugging.
* Reduced loglevel from ERR to INFO for reject-logging.
In any case, I hope that this can be of use for others than us.
/Nikke
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Niklas Edmundsson, Admin @ {acc,hpc2n}.umu.se | [EMAIL PROTECTED]
---------------------------------------------------------------------------
We are AT&T of Borg, MCI will be assimilated
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
(FWIW: copied without explicit permission)
--
The module can be loaded with the following in /etc/httpd/httpd.conf
LoadModule limitipconn_module lib/httpd/modules/mod_limitipconn.so
ExtendedStatus On
MaxConnPerIP 5
To test the 'test.pl' utility from mod_evasive is included in the doc dir.
Approved by: Erik Hanson
Maintained by: Menno E. Duursma
Homepage:
http://dominia.org/djao/limitipconn2.html
Download Source:
mod_limitipconn-0.22.tar.gz
Source MD5SUM:
0f4beb9eb4e7b815ca472ccfe11451b3
Download SlackBuild:
mod_limitipconn.tar.gz
mod_limitipconn.tar.gz.asc
(the SlackBuild does not include the source)
| Individual Files: |
| • README |
| • mod_limitipconn.SlackBuild |
| • mod_limitipconn.c |
| • mod_limitipconn.info |
| • slack-desc |
| • test.pl |
See our HOWTO for instructions on how to use the contents of this repository.
Anonymous FTP Access to Repository: ftp://ftp.slackbuilds.org
Access via rsync is also available.
rsync://rsync.slackbuilds.org/slackbuilds
© 2006-2008
SlackBuilds.org Project. All rights reserved.
Slackware® is a registered trademark of
Patrick Volkerding
Linux® is a registered trademark of
Linus Torvalds
Valid XHTML
and
CSS by
WebSight Designs | Hosting by
OnyxLight Communications