[leafnode-list] xinetd per_source limit routinely exceeded by certain hosts
Bulgrien, Kevin
Kevin.Bulgrien at TriPointGlobal.com
Tue Aug 30 17:16:10 CEST 2005
I know this borders on off-topic, but does anyone have any ideas about
whether there is a way to configure Outlook Express to not be so heavy-
handed? Yes, I know, do not use Outlook Express... but you know how
that goes over sometimes. Most hosts do not cause trouble, but a few
are regular rabble-rousers.
Our site uses local news only. I get these messages in the logs:
xinetd[28334]: FAIL: nntp per_source_limit from=192.168.128.60
xinetd[28334]: FAIL: nntp per_source_limit from=192.168.128.128
xinetd[28334]: FAIL: nntp per_source_limit from=192.168.128.128
xinetd[28334]: FAIL: nntp per_source_limit from=192.168.128.114
xinetd[28334]: FAIL: nntp per_source_limit from=192.168.128.128
xinetd[28334]: FAIL: nntp per_source_limit from=192.168.128.128
xinetd[28334]: FAIL: nntp per_source_limit from=192.168.128.128
xinetd[28334]: FAIL: nntp per_source_limit from=192.168.128.128
xinetd[28334]: FAIL: nntp per_source_limit from=192.168.128.128
xinetd[28334]: FAIL: nntp connections per second from=192.168.128.128
I realize that they are related to /etc/xinetd.d/nntp:
#
# xinetd.d script for leafnode news server.
#
service nntp
{
disable = no
flags = NAMEINARGS NOLIBWRAP
socket_type = stream
protocol = tcp
wait = no
user = news
server = /usr/sbin/tcpd
server_args = /usr/sbin/leafnode
instances = 7
per_source = 3
}
"per_source" is the culprit. I can jack this setting up, but it almost
seems that for some clients, per_source has to be set to the total number
of local newsgroups - which seems ridiculous. I do not think I want
clients opening over a hundred connections just to check for messages...
The clients are mostly Outlook Express 6.00.2800.1123 and 6.00.2900.2180
deployed on a variety of Win2K and WinXP workstations. The server is on
old hardware so is not fast (Dual Pentium Pro 200), but it is very
lightly loaded most of the time. Perhaps there is no reason I should not
open up per_source, but maybe someone else can offer some insight?
One note. This did not occur on the same hardware platform running RH7.2.
At the time we were not running a firewall on the server. Now that we are
on a Mandriva 10.1 installation (security updates all applied) and using a
local firewall, this cropped up. I have not done a lot of troubleshooting
to see if there are server configurations that might not be as problematic
as this. As part of the server update, I also updated leafnode. Is it a
fairly sure thing that this is an OS issue only, or might there be a
difference in how fast leafnode responds to the clients that may play a
part in making this an issue?
$ leafnode-version
version: leafnode-2.0.0.alpha20050514a
current machine: Linux arendi.vertexrsi.net 2.6.8.1-12mdksmp #1 SMP Fri Oct
1 11:24:45 CEST 2004 i686 Pentium Pro unknown GNU/Linux
bindir: /usr/bin
sysconfdir: /etc/leafnode
default spooldir: /home/news
IPv6: yes
default MTA: /usr/sbin/sendmail
pcre version: 4.5 01-December-2003
---
Kevin R. Bulgrien
Design and Development Engineer
General Dynamics C4 Systems http://www.tripointglobal.com/
VertexRSI
1915 Harrison Road Tel: 903-295-1480 x288
Longview, TX 75604-5438 Fax: 903-295-1479
More information about the leafnode-list
mailing list