1.4.18 + mod_evasive + ipv6
|Missing in 1.5.x:|
it seems there is a problem with mod_evasive when using together with IPv6. I am using a limit of 15 connections per IP. Once i enable IPv6 via "server.use-ipv6" (this is on linux) i get insane many 403 errors and alot of "connection turned away" errors in my log. Note: This happens only after enabling IPv6.
I am running a very high traffic website with over 500req/s on average.
Reproducing this is probably not easy since you would need alot of clients with different IP addresses.
I have tested this with 1.5.0 R1922 and it works fine there. I have been searching the ticket db but havent been able to locate anything or any note if there was indeed something fixed.
#1 Updated by Anonymous over 6 years ago
In contrary to my previous post: this is not fixed in 1.5.x. It happens there, too. It just takes more time to be visible but then its the same.
After all mod_evasive is unusable together with IPv6. This module should be considered broken.
#5 Updated by Anonymous over 6 years ago
I was fearing that perhaps I made a mistake and didn't actually apply the patch or that the binary wouldn't have been updated, but that does not seem to be case - the error message is:
2008-06-02 19:51:09: (mod_evasive.c.175) ::ffff:126.96.36.199 turned away. Too many connections.
And line 175 in mod_evasive.c is exactly the log_error_write line after applying the patch.
Also available in: Atom