On 01/22/2010 08:43 AM, Prof. P. Sriram wrote: > We had a similar issue at the centos (and other stuff) mirror at > ftp.iitm.ac.in some months ago. We have solved it effectively using per ip > connection limit and fail2ban. The problem with this is that you have efectively made your mirror non usable for office's and orgaisations that only have 1 ip address to the world. There are quite a few of them. This sort of a pricess would work better if it was to check and only work against an ip of its the same filename being requested rather than overall connections. -- Karanbir Singh London, UK | http://www.karan.org/ | twitter.com/kbsingh ICQ: 2522219 | Yahoo IM: z00dax | Gtalk: z00dax GnuPG Key : http://www.karan.org/publickey.asc