I'm reviewing some filters. First one the ConnectionThrottleFilter.
When a client connect it's storing the connection time so if it tries to reconnect too fast the session is closed directly after the opening. The goal is to prevent denial of service (DoS). But if you accept the session (opening) you send all the TCP soup for opening/accepting the socket connection, and if you close the session directly you send all the TCP soup for closing the socket connection. I hardly can imagine it can protect you from any DoS. It's a very low-level job for a firewall no ? If it can have some use, I'm ready to don't delete it. I already refrained myself on the VmPipe ;) Julien
signature.asc
Description: PGP signature
