https://bugzilla.mindrot.org/show_bug.cgi?id=3211
Darren Tucker <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #3 from Darren Tucker <[email protected]> --- In 8.5 we added PerSourceMaxStartups and PerSourceNetBlockSize which allow limiting startups by source address, optionally grouping nearby addresses into blocks: PerSourceMaxStartups Specifies the number of unauthenticated connections allowed from a given source address, or "none" if there is no limit. This limit is applied in addition to MaxStartups, whichever is lower. The default is none. PerSourceNetBlockSize Specifies the number of bits of source address that are grouped together for the purposes of applying PerSourceMaxStartups limits. Values for IPv4 and optionally IPv6 may be specified, separated by a colon. The default is 32:128, which means each address is considered individually. If you set PerSourceMaxStartups to something lower that MaxStartups it will prevent any single address (or block of address if you set PerSourceNetBlockSize) from tying up all of the startups. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
