Subject: Re: FTPD: disallowing concurrent connections from same IP
To: John Maier <jmaier@midamerica.net>
From: David Maxwell <david@vex.net>
List: netbsd-users
Date: 02/20/2003 11:22:14
On Thu, Feb 20, 2003 at 09:08:33AM -0600, John Maier wrote:
> > I.e., I think that "shares per IP" is more generally useful than
> > "connections per IP" (and even for the special cases in that raised this
> > topic, it would work at least as well---maybe better).
> >
> > An alternative for people who want to suppress "download accelerators"
> > is to just remove the "REST" command from your personal copies of ftpd.
> > I bet that, in your small, specialized group, you never actually had
> > a user who *needed* it, but only use it for their "accelerators".
> >
> No, that a great idea! I add flexabilty to the concept of one connection,
> one IP and answers the problem of accelerators and NATs.
I like that idea too. Sounds like a good option to have be configurable.
There's a tradeoff, of course. If people are downloading large files
like ISOs, if you don't let them resume...
> If you only want, one IP to one connection, so be it. If you want to allow
> 5 connections, per IP, you can.
Of course, someone with more bandwidth than your server can still swamp
out other legitimate users by retrieving more than one file - many
graphical ftp clients let you set "# concurrent downloads" but default
it to 5 or so...
--
David Maxwell, david@vex.net|david@maxwell.net -->
Any sufficiently advanced Common Sense will seem like magic...
- me