On Thu, 19 Nov 2009, Bob Bownes wrote: > Anyone else seeing high numbers of requests for the DVD isos from a few > discrete locations? I'm getting multiple requests for dvd's from over 500 > separate locations. > > Top 10 offenders: These are mostly folks trying to launch 10 (or 100 or even more) parallel download sessions with ranged requests for the DVD images. Your opinion may vary, but I think more than 10 parallel requests is an abuse of the access that is given and can have an adverse impact on other downloaders and the server even. I have implemented fail2ban which is a nifty little package that can scan log files for error messages and then put in an iptables (or other firewall) rule that will block these ip addresses. Of course, one has to also configure the web or ftp server to limit connections per ip so that when that is exceeded, an error is logged. Since implementing this, the number of connection attempts has come down by an order of magnitude for me with no significant change in the traffic (bytes) volume. -- sriram