HTTP Restricted Access
Kostas Lialiambis
root at edessa.topo.auth.gr
Sun Nov 23 21:29:47 EET 1997
Poy lete, prin kati mhnes ebala mia selida me kamia 160 (kai bale) megala
mpeg3 klasikhs moysikhs sto edessa.topo.auth.gr skeftomenos oti den 8axan
zhthsh. Ela omws poy perasan se oloys toy crawlers alla kai se sites
eidikeyomena sthn klassikh moysikh kai arxise na ginetai skotwmos. Gia na
mhn ka8isei to site ta metefera se ena allo ypologisth (ta URLs sto
edessa.topo.auth.gr parapempoyn se links toy alloy ypologisth). Alla to kako
xeiroterepse kai o ypologisths me ta mpeg3 arxise na diakinei Gigabytes ka8e
mera. Epeidh den h8ela na faw kammia katsada gia yperboliko traffic
periorisa ston http server (apache 1.2.4) ta MaxClients se 10.
To problhma poy paroysiasthke htan to e3hs: Kapoios apo ena site katebaze
concurrently polla arxeia pianontas kai ta 10 available sockets toy httpd
kai mh afinontas alloys na mpoyn ekeinh th stigmh )as skeftoyme oti ta
arxeia einai ths ta3hs twn 5 MB mesos oros). Epsa3a mataia na brw parametro
ston Apache poy na epitrepei mono 1 connection apo kapoio site ana xronikh
stigmh. To problhma to elysa me firewall. O cron daemon ektelei ka8e lepto
to parakatw script:
#!/bin/sh
/sbin/ipfwadm -I -f
for i in $(netstat -t -n|grep :80|grep ESTABLISHED \
|tr -s " "|cut -d " " -f 5|cut -d ":" -f 1)
do /sbin/ipfwadm -I -i deny -S $i/32 -D 0.0.0.0/0 80 -P tcp -y
done
Opws blepoyme, kalei to ipfwadm kai kanei flush ola ta rules enw meta
pernaei san parametro sto ipfwadm ta ips oswn exoyn syndesh sto port 80
(grep :80) kai h syndesh einai se state ESTABLISHED (kai oxi p.x. fin_wait1
klp.).
Ayta sas ta grafw epeidh syzhtoysa me filoys to problhma ayto kai moy legan
oti htan sxetika dyskolo na bre8ei tropos na ginei restricted to http se 1
connection per site at a time. To parapanw mporei na exei efarmoges kai se
opoiadhpote allo service (p.x. 1 telnet connection apo kapoio site klp.).
Stp.
--
====================================================================
Gia na mathete pos na xrisimopoiite ton majordomo, stilte e-mail
sto "majordomo at argos.hol.gr" me 1 grammi sto keimeno: help
Ta archives tis listas einai sto http://www.argos.hol.gr/lists
Gia opoiodipote problima stilte e-mail ston owner-linux-greek-users
====================================================================
More information about the Linux-greek-users
mailing list