Re: [squid-users] Multiple requests from one user has stopped service

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Thu, 29 Apr 2004 00:18:40 +0200 (CEST)

On Wed, 28 Apr 2004, Jason McNeil wrote:

> a) Has anything like this happened to anyone else?

Yes. It is commonly seen with clients infected by viruses trying to spread
via the Internet.

> b) Would increasing the number of file descriptors help to avoid this
> problem in the future?

It will limit it somewhat, but not avoid it.

> c) Is there any way to limit the number of requests from a certain ip
> address in a certain amount of time?

You can limit the damage somewhat by

  half_closed_clients off

  acl abuser maxconn 10
  http_access deny abuser

But the proxy service will still be badly affected by this client hitting
the proxy service very hard, and it is best to block the client's Internet
access completely using firewalling until it has been cleaned.

Regards
Henrik
Received on Wed Apr 28 2004 - 16:18:43 MDT
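
Added example, not part of the original message: a sketch for finding which client address is flooding the proxy by counting requests per client in a sliding time window over Squid's native access.log format. Note that maxconn limits concurrent connections, while this counts request rate. The function names, the 10-second window, the threshold of 30 and the sample log lines are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

def build_sample():
    """Constructed access.log lines (Squid native format), not real traffic."""
    lines = ["garbage line"]  # malformed entry, must be skipped
    for i in range(6):   # ordinary client: one request every 5 s
        lines.append(f"{1083190000 + i * 5}.000 120 192.0.2.10 TCP_MISS/200 4312 "
                     f"GET http://example.com/p{i} - DIRECT/198.51.100.5 text/html")
    for i in range(40):  # noisy client: 40 requests in about 2 s
        lines.append(f"{1083190010 + i * 0.05:.3f} 3 192.0.2.77 TCP_MISS/503 1024 "
                     f"GET http://198.51.100.{i}/ - DIRECT/198.51.100.{i} text/html")
    return lines

def find_flooders(lines, window=10.0, threshold=30):
    """Return {client_ip: peak request count within any `window` seconds}.

    Only clients whose peak reaches `threshold` are returned. Fields used:
    [0] completion timestamp, [2] client address.
    """
    recent = defaultdict(deque)   # per-client timestamps still inside the window
    peak = defaultdict(int)
    for line in lines:
        fields = line.split()
        if len(fields) < 7:
            continue              # truncated or malformed line
        try:
            ts = float(fields[0])
        except ValueError:
            continue
        q = recent[fields[2]]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()           # drop requests older than the window
        peak[fields[2]] = max(peak[fields[2]], len(q))
    return {ip: n for ip, n in peak.items() if n >= threshold}

if __name__ == "__main__":
    for ip, n in find_flooders(build_sample()).items():
        print(f"{ip}: {n} requests within 10 s")
```

Addresses it reports are candidates for the firewall block recommended above; tune the window and threshold against normal traffic first.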
