Projekte an denen Holger Kohn beteiligt war:

- Todolist ( http://fossies.org/linux/privat/Todolist.php-0.9.15.4.tar.gz:a/Todolist.php-0.9.15.4/doc/WHATSNEW )

...

   54 
   55 New things in ToDoList.php 0.9.14.1
   56 ===================================
   57 - BUGFIX: The add-form doesn't loose entries when the project is changed.
   58 - TUNING: Todolist is much faster when used with a large number of projects.
   59   Many thanks to Holger Kohn for the patch!
   60 

...



- cacti ( http://oss.oetiker.ch/rrdtool/gallery/index.en.html )

This graph shows the traffic of a networkinterface(dark-green). In red is displayed the optimal sinus-curve thru the points of one week. Light-green is the "can-be-range" of the traffic that was not alarmed. Yellow is the "warning-range" of the curve and every other points cause an CRITICAL-Warning in our minitoring. So we bring the statistics-calculations into the monitoring. That will show us abnormaly using of different curves and alarm it. -- Holger Kohn <holger@kohn-nf.de>, 2008/1 [demo]
sintraf.png




- F5 iRule ( https://devcentral.f5.com/wiki/irules.limitconnectionsfromclient.ashx )

LIMIT CONNECTIONS FROM CLIENT

 

 

Contributed by: hkohn

Edit

Description

Limit the number of TCP connections to a virtual server from client IP addresses.

This example should only be used on v9. For v10 or higher, use the session table to track the client connections. See the first example in the table wiki page for one way to do this.

This iRule illustrates how to use an internal array to track the number of concurrent connections to a virtual server based on the source IP address, and reject any connection attempts above a configurable limit.

The example adds logging for rejected connections including client IP address and connection counts, and supports a whitelist of IP addresses to exclude from the limit check.

Care should be taken when using this iRule, as clients may access the virtual server through a reverse proxy which performs address translation. In such a case, there might be legitimate reasons for a large number of TCP connections from a single source IP address.

Edit

iRule Source

01 when RULE_INIT {
02  
03    # The maximum number of TCP connections to the virtual server from a single client IP address
04    set ::max_connections_per_ip 10
05  
06    # Clear the array of clients with open connections to the VIP
07    array set ::active_clients { }
08  
09    # Replace this array with a datagroup of type 'address' once done testing!
10    array set white_client {
11      10.41.0.610
12      10.0.0.2
13    }
14 }
15  
16 when CLIENT_ACCEPTED {
17  
18    log local0. "\$:<!--:active_clients: [array get ::active_clients] (size: [array size ::active_clients])"-->
19  
20    # Check if the client is already in the active clients array
21    if { ([info exists ::active_clients([IP::client_addr])]) } {
22  
23       # Regardless of whether we reject this client, we've already accepted the TCP connection.
24       # so increment the counter for this client.  The count will be decremented when the connection is closed.
25       incr ::active_clients([IP::client_addr])
26       log local0. "Incremented \$::active_clients([IP::client_addr]) to: $::active_clients([IP::client_addr])"
27  
28       # Check if client is already over the maximum
29       if {$::active_clients([IP::client_addr]) > $::max_connections_per_ip} {
30  
31          # Send TCP reset to client
32          reject
33  
34          log local0. "Rejected IP [IP::client_addr], count ($::active_clients([IP::client_addr]))"
35  
36       }
37       # Don't need an else clause here.  The default action will be to allow the connection to continue.
38  
39    } elseif { ![info exists ::white_client([IP::client_addr])] }{
40  
41       # Client wasn't already in the array and isn't in the white list, so add them to the array with a count of 1.
42       set ::active_clients([IP::client_addr]) 1
43       log local0. "Initialised \$::active_clients([IP::client_addr]) to: 1"
44    }
45 }
46 when CLIENT_CLOSED {
47  
48    # Check if the client has a count in the array
49    if { [info exists ::active_clients([IP::client_addr])]} {
50  
51       # Decrement the count by 1
52       incr ::active_clients([IP::client_addr]) -1
53  
54       # Check if the count is 0 or negative
55       if { $::active_clients([IP::client_addr]) <= 0 } {
56  
57          # Clear the array element
58          unset ::active_clients([IP::client_addr])
59       }
60    }
61 }
JSN Epic template designed by JoomlaShine.com