Bug #1579


1.4.18 + mod_evasive + ipv6

Added by Anonymous almost 13 years ago. Updated over 12 years ago.

Target version:



it seems there is a problem with mod_evasive when using together with IPv6. I am using a limit of 15 connections per IP. Once i enable IPv6 via "server.use-ipv6" (this is on linux) i get insane many 403 errors and alot of "connection turned away" errors in my log. Note: This happens only after enabling IPv6.
I am running a very high traffic website with over 500req/s on average.
Reproducing this is probably not easy since you would need alot of clients with different IP addresses.

I have tested this with 1.5.0 R1922 and it works fine there. I have been searching the ticket db but havent been able to locate anything or any note if there was indeed something fixed.

Jonas Frey


Fix-mod_evasive-IPv6-1579.patch (2.28 KB) Fix-mod_evasive-IPv6-1579.patch 2. try stbuehler, 2008-06-23 19:28

Related issues

Related to Bug #2061: mod_evasive + ipv6 does not workInvalid2009-09-01Actions

Updated by Anonymous almost 13 years ago


In contrary to my previous post: this is not fixed in 1.5.x. It happens there, too. It just takes more time to be visible but then its the same.
After all mod_evasive is unusable together with IPv6. This module should be considered broken.

Jonas Frey


Updated by stbuehler almost 13 years ago

Please test the attached patch if possible, perhaps it gets in before 1.4.20


Updated by Anonymous over 12 years ago

I managed to run in to the same problem when enabling mod evasive. My case should be fairly reproducible (seen in a week or so at least), so I can test the patch soon.

-- naked


Updated by Anonymous over 12 years ago

I tested this patch and the behaviour was similar to what it was before this patch - meaning that once a limit was passed, all new connections seemed to receive the 403 response, not just connections originating from the same IP address.

-- naked


Updated by Anonymous over 12 years ago

I was fearing that perhaps I made a mistake and didn't actually apply the patch or that the binary wouldn't have been updated, but that does not seem to be case - the error message is:

2008-06-02 19:51:09: (mod_evasive.c.175) ::ffff: turned away. Too many connections.

And line 175 in mod_evasive.c is exactly the log_error_write line after applying the patch.

-- naked


Updated by Anonymous over 12 years ago

Accidentally set the need feedback tag, sorry. Also, taking a quick peek at the patch, it looks like the comparsion is the wrong way around in the IPv6 case (== vs. =!) - however, I can't confirm this right now.

-- naked


Updated by Anonymous over 12 years ago

I am running lighttpd since 06/24 with Fix-mod_evasive-IPv6-1579.patch
without any problem (the patch was applied as I was having the problem with mod_evasive when I enabled IPv6) on

-- fantec


Updated by stbuehler over 12 years ago

  • Status changed from New to Fixed
  • Resolution set to fixed

Fixed in r2222 and r2224 for 1.4 and 1.5

Also available in: Atom