This can be handled programmatically at the server level without modifying the IP layer. There are a lot of other servers out there that can limit connections by IP address. Granted, they are not all HTTP servers, or even Windows servers, but the method should translate well enough. This could even be implemented individually on Sambar's HTTP, FTP, and SMTP protocols. A few example servers:
Web Server 4D (Windows & Mac) http://www.mdg.com/features/deny.html Web Server 4D allows you to set the Maximum Concurrent Connections Allowed Per User, normally, a browser will only open 4 connections at a time, now you have a way to limit the number of connections. We recommend that you set this number to at least 10 and recommend 15-20. Samba (link includes source code) http://lists.samba.org/pipermail/netfilter-devel/2000-November/000190.html [patch] limit connections per ip address ...netfilter module which keeps track of the number parallel TCP connections per IP Address and allows to match this number against a limit. CommuniGate Pro http://www.stalker.com/CommuniGatePro/Listener.html CommuniGate Pro Listeners can limit the number of incoming connections that come from the same IP address. This can help to prevent some of the Denial of Service (DoS) attacks. xinetd http://www.synack.net/xinetd/ Prevent denial of service attacks! - With the access control capabilities of limiting the rate of incoming connections, xinetd can respond to "port bombs" in a reasonable fashion. - If one host seems to be hogging your services, you can limit the number of simultaneous connections from a host. Surge FTP http://netwinsite.com/surgeftp/manual/class.htm Limit connections per ip (1-n) This limits the concurrent users per ip address connected to the server. This is useful to prevent abuse from ftp clients that open multiple connections to get more than their share of bandwidth to your system. Often this stems from people using speed throttling ftp servers instead of limiting the MB downloads per day as you can do with this server. If your server really is heavily used, this setting allows you to prevent this kind of sneaky abuse/cheating. Lyris MailShield http://www.lyris.com/mshelp/SimultaneousConnectionLimit.html Sets the maximum number of TCP/IP connections that MailShield will accept. Some mail servers are unable to handle a large load of incoming connections. If these mail servers are overloaded, they either start crash, refuse connections or other undesirable behavior when that limit is reached. To solve this problem with the destination mail server, you can limit MailShield to not accept more than a set number of simultaneous connections, so that the destination server will not be given more connections than this. -Jeff -----Original Message----- From: danny.mallory [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 11, 2001 11:56 AM To: [EMAIL PROTECTED] Subject: RE: [sambar] Limite the HTTP request per IP What your asking for is probably going to take some change to the IP stack. I believe the TCPNumConnections in the registry is for overall connections. Typically this parameters is managed by the vistors browser with the following reg keys. Not sure if the number of connections per IP can be limited from the servers point of view. HTTP1.0 "MaxConnectionsPer1_0Server HTTP1.1 "MaxConnectionsPerServer Danny On 11/Oct/2001 10:44:32, Perseity Entertainment wrote: > Hi, > > We just release our new game a few days ago and the server is being > hammered. The problem is people are using download managers such as DAP > (Download Accelerator Pro) which gives you up to 7 streams per file. I would > like to limit this to around two. Is possible to limit the number of streams > per IP. When I look at the [connections].. I see one or two people that is > connected up to 7 times on the same file and they are hogging most of the > bandwidth. > > Regards, > Jarrod Davis -------------------------------------------------------------------------------- For unsubscription of this list send an email to [EMAIL PROTECTED] with email data containing unsubscribe emailadd sambar
