I've already gotten 6 responses to my query, from:
"Leonard, Roger" <rleonard_at_cvty.com>
N.M.Hill_at_rl.ac.uk
MC.Vialatte_at_cust.univ-bpclermont.fr
Paul A Sand <pas_at_unh.edu>
Sylvain Robitaille <syl_at_alcor.concordia.ca>
Mike Iglesias <iglesias_at_draco.acs.uci.edu>
Since all 6 seem to have slightly missed the mark, it's clear that I didn't
do a very good job of describing my problem, so let me try again...
Most people suggested tcp wrappers, which we already run. The problem is
that the 500 request/minute limit is being imposed by inetd, which runs on
top of tcpd. The flow of control is:
1) inetd gets connection request
2) inetd executes tcpd
3) tcpd executes your application server (popd, etc)
In our case, we're never getting past step #1, so it doesn't matter what
we're running underneath that does better logging, because it never gets a
chance to run. The logging has to be done at the inetd level to be
effective.
Roy Smith <roy_at_popmail.med.nyu.edu>
New York University School of Medicine
550 First Avenue, New York, NY 10016
Received on Tue Jun 01 1999 - 17:25:54 NZST