Subject: Re: FTPD: disallowing concurrent connections from same IP
To: NetBSD User's Discussion List <netbsd-users@NetBSD.ORG>
From: Dave Huang <khym@azeotrope.org>
List: netbsd-users
Date: 02/19/2003 02:00:08
On Wed, Feb 19, 2003 at 02:19:31AM -0500, Greg A. Woods wrote:
> Why do you want to do that exactly? What problem are you trying to solve?
Is it important? I was just curious about how to get NetBSD's ftpd to
do it. The machine where I'd like something like that is running Windows,
so NetBSD's ftpd isn't gonna help in any case.
But an example situation where it'd be useful is to keep people from
using "download accelerators" that open 7 or more simultaneous
connections and use "REST" to download chunks of the same file. If
they're the only person connected, that's fine, and there's no
significant difference in the transfer speed vs. just making one
connection like usual. However, suppose there are 9 well-behaved
people with T1s are connected, and someone else with a T1 connects
using a download accelerator that opens 11 connections. Assume that I
have a T1 also... instead of everyone getting 1/10th of my T1, the
download accelerator guy will get 11/20ths of it, while the other 9 get
1/20th. This is obviously unfair for the well-behaved people.
Now if I could limit the number of connections from a single IP, the
download accelerator would connect, get 2 connections started and get
rejected on the rest. A limit of 1 connection/IP would be even better
for this, but it'd prevent people from browsing the directory listings
while downloading a file, which I think is nice to allow.
--
Name: Dave Huang | Mammal, mammal / their names are called /
INet: khym@azeotrope.org | they raise a paw / the bat, the cat /
FurryMUCK: Dahan | dolphin and dog / koala bear and hog -- TMBG
Dahan: Hani G Y+C 27 Y++ L+++ W- C++ T++ A+ E+ S++ V++ F- Q+++ P+ B+ PA+ PL++