You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modules-dev@httpd.apache.org by Robert Schulze <rs...@bytecamp.net> on 2009/08/28 16:06:03 UTC
correct hook function after accepting connection
Hi,
is there a hook for dealing with connections *before* any http data is
read? The reason for this todo would be dropping connections from hosts
without ever reading the request - keeping slowloris in mind.
With kind regards,
Robert Schulze
--
/7\ bytecamp GmbH
Geschwister-Scholl-Str. 10, 14776 Brandenburg a.d. Havel
HRB15752, Amtsgericht Potsdam, Geschaeftsfuehrer:
Bjoern Barnekow, Frank Rosenbaum, Sirko Zidlewitz
tel +49 3381 79637-0 werktags 10-12,13-17 Uhr, fax +49 3381 79637-20
mail rs@bytecamp.net, web http://bytecamp.net/
Re: correct hook function after accepting connection
Posted by Eric Covener <co...@gmail.com>.
On Fri, Aug 28, 2009 at 10:06 AM, Robert Schulze<rs...@bytecamp.net> wrote:
> Hi,
>
> is there a hook for dealing with connections *before* any http data is read?
> The reason for this todo would be dropping connections from hosts without
> ever reading the request - keeping slowloris in mind.
ap_hook_pre_connection() is a RUN_ALL.
(not really pre_connection of course, that'd be some feat!)
--
Eric Covener
covener@gmail.com
Re: correct hook function after accepting connection
Posted by Robert Schulze <rs...@bytecamp.net>.
Hi,
Sorin Manolache schrieb:
>
> You have a choice among these:
>
> pre_connection(conn_rec *, void *)
> process_connection(conn_rec *)
>
> If return != OK && != DECLINED => connection is not processed.
>
thanks a lot.
Robert Schulze
RE: correct hook function after accepting connection
Posted by "Houser, Rick" <Ho...@aoins.com>.
> However, I would suggest that connections are better dropped at
> IP-level (by firewall rules/iptables) or by using
I agree for blocking access, however a module that was to add something
like a per-IP connection-rate or simultaneous connection limit could be
a nice gem for the toolbox, too :).
Thanks,
Rick Houser
Auto-Owners Insurance
Systems Support
> -----Original Message-----
> From: Sorin Manolache [mailto:sorinm@gmail.com]
> Sent: Friday, August 28, 2009 10:34 AM
> To: modules-dev@httpd.apache.org
> Subject: Re: correct hook function after accepting connection
>
> On Fri, Aug 28, 2009 at 16:06, Robert Schulze<rs...@bytecamp.net> wrote:
> > Hi,
> >
> > is there a hook for dealing with connections *before* any
> http data is read?
> > The reason for this todo would be dropping connections from
> hosts without
> > ever reading the request - keeping slowloris in mind.
> >
> > With kind regards,
> >
> > Robert Schulze
> >
>
> You have a choice among these:
>
> pre_connection(conn_rec *, void *)
> process_connection(conn_rec *)
>
> If return != OK && != DECLINED => connection is not processed.
>
> However, I would suggest that connections are better dropped at
> IP-level (by firewall rules/iptables) or by using
>
> Order allow,deny
> Allow from all
> Deny from the_ips_you_want_to_reject
>
> Regards,
> S
>
> --
> A: Because it reverses the logical flow of conversation.
> Q: Why is top-posting frowned upon?
> A: Top-posting.
> Q: What is the most annoying thing in e-mail?
>
>
Re: correct hook function after accepting connection
Posted by Sorin Manolache <so...@gmail.com>.
On Fri, Aug 28, 2009 at 16:06, Robert Schulze<rs...@bytecamp.net> wrote:
> Hi,
>
> is there a hook for dealing with connections *before* any http data is read?
> The reason for this todo would be dropping connections from hosts without
> ever reading the request - keeping slowloris in mind.
>
> With kind regards,
>
> Robert Schulze
>
You have a choice among these:
pre_connection(conn_rec *, void *)
process_connection(conn_rec *)
If return != OK && != DECLINED => connection is not processed.
However, I would suggest that connections are better dropped at
IP-level (by firewall rules/iptables) or by using
Order allow,deny
Allow from all
Deny from the_ips_you_want_to_reject
Regards,
S
--
A: Because it reverses the logical flow of conversation.
Q: Why is top-posting frowned upon?
A: Top-posting.
Q: What is the most annoying thing in e-mail?