[119] in bugtraq
Re: udp packet storms
daemon@ATHENA.MIT.EDU (Wietse Venema)
Sun Oct 30 15:53:24 1994
From: wietse@wzv.win.tue.nl (Wietse Venema)
To: chowes@helix.net (Charles Howes)
Date: Sun, 30 Oct 94 20:44:25 MET
Cc: bugtraq@fc.net
In-Reply-To: <Pine.SUN.3.90.941030040414.26538A-100000@trance.helix.net>; from "Charles Howes" at Oct 30, 94 4:07 am
> Hmm; I wonder if it's possible to tell tcpd to rate-limit a particular
> service?
Easy, use the "twist" option to run a second-level wrapper instead of
the regular daemon. The second-level wrapper creates a lock file with
its PID, runs the real daemon, and removes the lockfile N seconds
later. No daemon is run when the lock file specifies the PID of an
existing process.
Don't put the lock in a world-writable directory.
Wietse
