>>>I did fix an issue last year where even with accept filtering enabled >>>you could DoS any Apache server by simply opening MaxClients connections >>>and trickling a carriage return to each connection very slowly. So for >>>people seeing DoS issues like this, I would suggest upgrading to the >>>latest version, turning on accept filtering and turning off keepalive. >>> >> >> >>I haven't been able to enable acceptfilters on linux. Where can i get a >>howto or some info ? > > > Code to do this is in 2.1-dev. The SO_ACCEPTFILTER is not available in > 2.0.x. > > It is largely undocumented in Linux. When I added support to 2.1, my > only reference was the linux kernel source code. > > FreeBSD's accept filter stuff is well documented, and works great. But, > this isn't the freebsd evangelism mailing list.... Good Luck with Linux.
Ok. Im allowed to keep investigating on 2.1, so im moving to it. Thanks. I'll play around with it. > > -Paul >
