From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 17575 invoked by alias); 10 Nov 2006 14:25:50 -0000 Received: (qmail 17545 invoked by uid 22791); 10 Nov 2006 14:25:49 -0000 X-Spam-Check-By: sourceware.org Received: from mx1.redhat.com (HELO mx1.redhat.com) (66.187.233.31) by sourceware.org (qpsmtpd/0.31) with ESMTP; Fri, 10 Nov 2006 14:25:40 +0000 Received: from int-mx1.corp.redhat.com (int-mx1.corp.redhat.com [172.16.52.254]) by mx1.redhat.com (8.12.11.20060308/8.12.11) with ESMTP id kAAEPbqf024033; Fri, 10 Nov 2006 09:25:37 -0500 Received: from pobox.toronto.redhat.com (pobox.toronto.redhat.com [172.16.14.4]) by int-mx1.corp.redhat.com (8.13.1/8.13.1) with ESMTP id kAAEPbaq023237; Fri, 10 Nov 2006 09:25:37 -0500 Received: from touchme.toronto.redhat.com (IDENT:postfix@touchme.toronto.redhat.com [172.16.14.9]) by pobox.toronto.redhat.com (8.12.11.20060308/8.12.11) with ESMTP id kAAEPaYC004121; Fri, 10 Nov 2006 09:25:36 -0500 Received: from ton.toronto.redhat.com (ton.toronto.redhat.com [172.16.14.15]) by touchme.toronto.redhat.com (Postfix) with ESMTP id B5C4F800002; Fri, 10 Nov 2006 09:25:36 -0500 (EST) Received: from ton.toronto.redhat.com (localhost.localdomain [127.0.0.1]) by ton.toronto.redhat.com (8.13.1/8.13.1) with ESMTP id kAAEPaMN016007; Fri, 10 Nov 2006 09:25:36 -0500 Received: (from fche@localhost) by ton.toronto.redhat.com (8.13.1/8.13.1/Submit) id kAAEPaC6016006; Fri, 10 Nov 2006 09:25:36 -0500 Date: Fri, 10 Nov 2006 14:25:00 -0000 From: "Frank Ch. Eigler" To: Ian Lance Taylor Cc: John David Anglin , overseers@gcc.gnu.org Subject: Re: Anonymous svn is stuck again Message-ID: <20061110142536.GL6207@redhat.com> References: <200611100307.kAA378bU010530@hiauly1.hia.nrc.ca> <20061110031621.GK6207@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i Mailing-List: contact overseers-help@sourceware.org; run by ezmlm Precedence: bulk List-Archive: List-Post: List-Help: , Sender: overseers-owner@sourceware.org X-SW-Source: 2006-q4/txt/msg00066.txt.bz2 Hi - On Thu, Nov 09, 2006 at 10:29:37PM -0800, Ian Lance Taylor wrote: > > I'll work on converting the service to xinetd shortly. > > I bumped it up to permit 1000 simultaneous connections. I hope that doesn't become an easy DoS avenue. > This connection hanging is still going to be a problem, whether we > stick with tcpservers or switch to xinetd. I wonder if there is > something we can do to kill off the many simultaneous connections. Well, I brought up xinetd because someone (jifl?) pointed out that xinetd has configurable *per-client* connection limits. I can't find a connection duration limiting option there, but this would not be hard to add on top - here is one way #! /bin/sh (sleep 3600; kill $$) & exec svnserve $@ - FChE