You could write a IOFilter which limit the connections per Ip in a configured time. I did the same in a project for limiting the connections per time on a smtpserver.
Bye Norman On Fri, 22 Jun 2007 14:16:53 +0800, mat <[EMAIL PROTECTED]> wrote: > Thanks. My concern is what if some clients write a loop keep opening socket > connection and my server keeps accepting and eventually mina core will > reject any new connections. Is that possible to happen? Correct me if i am > wrong, > > On 6/22/07, 凌晨 <[EMAIL PROTECTED]> wrote: >> >> Dear mat: >> I think you should implement your own handler to detect this kind of >> connections from time to time then kill them all. >> You send some detecting packets to these connected connetions,no >> response,no connection. >> Best Wishes >> >> ----- Original Message ----- >> From: "Mark Webb" <[EMAIL PROTECTED]> >> To: <dev@mina.apache.org> >> Sent: Friday, June 22, 2007 8:56 AM >> Subject: Re: malicious client >> >> >> > maybe a variant of the throttle filter which only allows one > connection >> per >> > IP at a time. >> > >> > On 6/21/07, mat <[EMAIL PROTECTED]> wrote: >> >> >> >> Thanks. But how should I set the TIMEOUT since the malicious >> client could >> >> connect by programming a loop, couldn't he? >> >> >> >> 2007/6/21, Mark Webb <[EMAIL PROTECTED]>: >> >> > >> >> > an IoFilter could probably work. This is related to the filter > work >> >> that >> >> > was discussed a while back that dealt with heartbeats. >> >> > >> >> > On 6/21/07, Julien Vermillard <[EMAIL PROTECTED]> wrote: >> >> > > >> >> > > On Thu, 21 Jun 2007 20:46:55 +0800 >> >> > > mat <[EMAIL PROTECTED]> wrote: >> >> > > >> >> > > > I wonder whether any function could prevent Mina from a > malicious >> >> > > > client attacking by opening connections and not sending any > data. >> If >> >> > > > NOT, how could I do? Thanks. >> >> > > >> >> > > Hi, >> >> > > >> >> > > Just detect IDLEness, in your IoHandler sessionIdle. >> >> > > If a client doesn't send enought data, close it. >> >> > > >> >> > > HTH >> >> > > >> >> > > Julien >> >> > > >> >> > >> >> > >> >> > >> >> > -- >> >> > ..Cheers >> >> > Mark >> >> > >> >> >> > >> > >> > >> > -- >> > ..Cheers >> > Mark >> > > > > !DSPAM:1,467b69a9240372659259569! > >
