Re: Max open connections

From: Nifty Hat Mitch (mitch48_at_sbcglobal.net)
Date: 09/08/04

  • Next message: ysdg_at_free.fr: "Re: USB keyx with FC2...." 
    Date: Tue, 7 Sep 2004 21:18:49 -0700
To: For users of Fedora Core releases <fedora-list@redhat.com>

    On Sun, Sep 05, 2004 at 04:25:22PM +0900, d l wrote:

    >
    > > You may try to decrease the limit with
    > >
    > > echo 8192 > /proc/sys/net/ipv4/tcp_max_orphans
    >
    > Those connections spawned by the p2p applic (mldonkey)is
    > not orphaned. The is no setting in that program to restict
    > number of connections. So large number of connections are
    > made, but they are all "healthy". Problem is the external
    > router is not capabled of handling so many connections and
    > it is DoSed.

    A socket will count as a file descriptor so
    limit the number of files that mldonkey can open.

              ## get a spare shell.
          bash
              ## limit the number of files
          ulimit -n 200
              ## start mldonkey
          mldonkey

    If it is inetd or some other daemon that is running these on demand
    you will have to look at the source to add a tool to manage it.

    You should be able to see these with "lsof".
    I do see this comment that gives me pause....
            -n The maximum number of open file descriptors (most systems
                         do not allow this value to be set)
    If this is the case for you then you must look at the source
    and find a way to manage it there.

    If you are running MLdonkey be sure to connect to the management interface:

       "MLdonkey runs as a daemon on the computer. It can be controlled
       using several interfaces: the simplest one is telnet (telnet
       127.0.0.1 4000), a more interesting one is a WEB server
       (http://127.0.0.1:4080/), and a binary protocol allows access using
       more elaborate Graphical Interfaces (see the GUIs available on your
       system at the bottom of the page). MLdonkey comes by default with a
       GTK interface. All these interfaces can be used locally, or
       remotely (after disabling security restrictions). 

    -- 
	T o m  M i t c h e l l 
	Just say no to 74LS73 in 2004
-- 
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
  • Next message: ysdg_at_free.fr: "Re: USB keyx with FC2...."

    Relevant Pages

    • Re: The RCA connector is living proof
      ... While unbalanced interfaces don't necessarily cause problems, ... not as resistant to causing problems as balanced connections. ... unbalanced is sub-sub-sub standard. ...
      (rec.audio.opinion)
    • Re: redundancy on multi-homed hosts for outgoing mail
      ... automatically retries out the other with the other source address? ... I don't think this is a routing issue. ... The two interfaces have ... single address space with two Internet connections. ...
      (comp.mail.sendmail)
    • Re: iscsi multipath fails when cluster service is started
      ... Sorry if I missed this previously, are your iSCSI network connections on the ... If the iSCSI connections are not on the same subnet as your other cluster ... i think the problem is that the interfaces are in the same subnet. ...
      (microsoft.public.windows.server.clustering)
    • Re: Problems with OpenBSD dhclient
      ... On Thu, 14 Jul 2005, Frank Mayhar wrote: ... I think we're going to need to handle wireless ... >> and wired interfaces differently since their links work differently. ... In general, while wired connections ...
      (freebsd-current)
    • Re: Two VPNs on ONE Server?
      ... active default gateway, not one per interface. ... If one of these connections is coming from a known set of addresses ... But if both interfaces are connecting to the public ... > different VPN interfaces will have completely different IP ...
      (microsoft.public.windows.server.networking)