[Repost] Limiting connections to CVS

Matthew Seaman m.seaman at infracaninophile.co.uk
Mon Mar 1 11:47:47 PST 2004


On Mon, Mar 01, 2004 at 10:32:12AM -0500, Gerard Samuel wrote:
> Reposting to list, as I was locked out of -questions over the weekend, and I 
> don't know if I got any replies.
> -----------------
> I read somewhere that they were able to limit CVS pserver connections
> to 4 a minute.
> I would like to do something similar.
> I currently have a firewall/nat box running 4.9-RELEASE-p1, using ipf.
> The CVS server is behind the firewall/nat box running on 4.9-RELEASE-p1.
> 
> Thanks for any insight you may provide...

If you're running CVS pserver out of inetd, which I believe is the
usual practice, then you can limit the total number of simultaneous
connections to a service or the maximum rate at which a service may be
invoked: either of those can apply to connections from one specific IP
address or to all connections.  See inetd.conf(5), but the syntax you
want is something like:

    cvspserver     stream  tcp     nowait/0/4  root    /usr/bin/cvs    cvs --allow-root=/your/cvsroot/here pserver

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20040301/eaa8c765/attachment.bin


More information about the freebsd-questions mailing list