httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ivan Barrera A." <Br...@Ivn.cl>
Subject Re: Timeout for requests
Date Tue, 03 May 2005 22:30:48 GMT
>>>I did fix an issue last year where even with accept filtering enabled
>>>you could DoS any Apache server by simply opening MaxClients connections
>>>and trickling a carriage return to each connection very slowly.  So for
>>>people seeing DoS issues like this, I would suggest upgrading to the
>>>latest version, turning on accept filtering and turning off keepalive.
>>>
>>
>>
>>I haven't been able to enable acceptfilters on linux. Where can i get a
>>howto or some info ?
> 
> 
> Code to do this is in 2.1-dev.  The SO_ACCEPTFILTER is not available in
> 2.0.x.
> 
> It is largely undocumented in Linux. When I added support to 2.1, my
> only reference was the linux kernel source code.
> 
> FreeBSD's accept filter stuff is well documented, and works great.  But,
> this isn't the freebsd evangelism mailing list....  Good Luck with Linux.


Ok. Im allowed to keep investigating on 2.1, so im moving to it.
Thanks. I'll play around with it.

> 
> -Paul
> 

Mime
View raw message