> Bill Pringlemeir wrote: >> I have a number of CLOSE_WAITs from a node.
>>> netstat -tn | grep CLOSE_WAIT | grep 69.120.111.63 | wc >> 15 90 1215 On 5 Feb 2006, [EMAIL PROTECTED] wrote: > That's Cablevision. They don't provide Internet access only > something remotely similar. I suggest to read this thread: > http://groups.yahoo.com/group/the_gdf/message/22192 > I guess it would be a good idea to enforce TLS for ranges known to > be broken. Of course, nobody else supports it. I see. I didn't compile with TLS because I have OpenSSL and I didn't want to install another SSL library. Also, I thought it was paranoid to run this and I didn't want to allocate the CPU to encipher/decipher traffic. Public key exchanges can be rather expensive for those of us with slow CPUs... I see key exchange is done with Diffie-Hellmann after reading the thread above. However, even if I compile with TLS, the lime wire client probably won't have this feature. So I will have the same result. Can I ban the the cable vision subnet? I guess I just add this to hostiles.txt. That does seem rather dramatic. But it would work for now... Or I can live with these dropped connections. I wonder if other clients could use stunnel to tunnel out of these networks to GTKG nodes? Maybe, but it would probably be hard to motivate them to do that. Thanks, Bill Pringlemeir. ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642 _______________________________________________ Gtk-gnutella-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/gtk-gnutella-devel
