Bug #2168: mod_evasive allows [max-conns-per-ip + 1] connections - Lighttpd - lighty labs

Actions

Copy link

Bug #2168

closed

mod_evasive allows [max-conns-per-ip + 1] connections

Added by phsource about 15 years ago. Updated about 9 years ago.

Status:

Invalid

Priority:

Normal

Category:

mod_evasive

Target version:

ASK QUESTIONS IN Forums:

Description

Currently, when evasive.max-conns-per-ip is set to n, n+1 connections are allowed through before 403 Forbidden is served.

Example:
evasive.max-conns-per-ip = 2 # 3 connections will be allowed

This was using the latest SVN of lighttpd. To replicate
1. Set evasive.max-conns-per-ip to 1
2. Open two browsers, and start downloading a large file using both. Both connections will succeed.
3. Open another browser. The 3rd connection will display a 403, not the second.

A one-line fix is included in the patch attached.

Files

evasive.diff (396 Bytes) evasive.diff

Patch: line 173 of mod_evasive.c

phsource, 2010-03-01 00:08

Actions

Copy link

Updated by gstrauss about 9 years ago

Status changed from New to Invalid

The count includes the current connection, so mod_evasive appears to be correct without this patch.

Actions

Copy link

Also available in: Atom

Project

General

Profile

Lighttpd

Custom queries

Bug #2168

mod_evasive allows [max-conns-per-ip + 1] connections

Updated by gstrauss about 9 years ago