Source IP rate limiting

2011-11-10 Thread Alex Davies
Hi, I am interested in rate limiting connections from users to stop small DOS 'attacks' from individual users. I see the excellent post at http://blog.serverfault.com/post/1016491873/ and have followed this in a test enviroment. I have the following questions: * What is the best way to monitor

Re: Source IP rate limiting

2011-11-10 Thread Baptiste
On Thu, Nov 10, 2011 at 12:48 PM, Alex Davies a...@davz.net wrote: Hi, I am interested in rate limiting connections from users to stop small DOS 'attacks' from individual users. I see the excellent post at http://blog.serverfault.com/post/1016491873/ and have followed this in a test

Add server-id to response header

2011-11-10 Thread Jan-Oliver John
Hi guys, is it possible to set a response header that includes the server id the request has been sent to? Maybe with rspadd something? for example (conf): --- frontend vs_something rspadd server-id # either server1 or server2 backend pool_something balance roundrobin

Re: Add server-id to response header

2011-11-10 Thread Jan-Oliver John
On 10 November 2011 17:40, Jan-Oliver Johnoj...@vz.net wrote: Hi guys, is it possible to set a response header that includes the server id the request has been sent to? Maybe with rspaddsomething? I'm not sure if rspadd is up to the job. I had a quick look and it looks like the answer is

Re: Source IP rate limiting

2011-11-10 Thread Alex Davies
Hi, Thanks for your reply. What is the 'signature' that is unique in the logs for this kind of block? I have HTTP logs enabled; for the Session state at disconnection part of the log would I be looking for a first letter of P or R for clients blocked by these filters? (and it it possible to

Re: Add server-id to response header

2011-11-10 Thread Baptiste
There might be a dirty way: In your backend, give a try to the above: acl server1 srv_id 1 acl server2 srv_id 2 rspadd X-Server:\ server1 if server1 rspadd X-Server:\ server2 if server2 server 1 server11.1.1.1:80 id 1 server 2 server12.2.2.2:80 id 2 Please tell me