Re: Replacement for grep(1) (part 2)

[Matthew Dillon]

:
:It results sometimes in out of swap, too.
:
:> Inetd is rate-limited by default nowadays, so this really doesn't apply.
:
:It really does apply. Inetd limits incoming connections per minute, not per
:second. It is possible to use minute limit in a few seconds and cause a high
:load. Sendmail is worse than inetd; it cannot limit incoming rate on
:
:Netch

    You can specify a maximum fork limit for inetd on a per-service basis.

    You are a year or two too late on these things.  A great many improvements
    have been made to programs like sendmail and inetd explicitly to deal 
    with overload situations.  Web servers too.  These were fairly simple
    changes as well.  For sendmail it was as simple as making MaxDaemonChildren
    apply to queue runs - I submitted that one to Eric Allman two years ago
    and it's been a part of sendmail since then.  For inetd it is the -c, -C,
    and -R options (which can be specified on a per-service basis as well).
    Dima and I added the -R option back in 1997 specifically to help with
    DOS attacks.

    Sendmail is not an issue when properly configured.

                                        -Matt
                                        Matthew Dillon 
                                        <[EMAIL PROTECTED]>


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message