
Date:  Fri, 25 Jul 2008 09:00:31 +0100
From:  Dogsbody <dan (at mark) dogsbody.org>
Subject:  [coba-e:13597] Re: Dovecot/POP3 Flood
To:  coba-e (at mark) bluequartz.org
Message-Id:  <4889881F.8060308 (at mark) dogsbody.org>
In-Reply-To:  <488915BE.4000303 (at mark) theanchoragesylvania.com>
References:  <1216778280.25751.5.camel (at mark) columbus.webtent.org> <20080724104251.3546babe (at mark) patricko> <488915BE.4000303 (at mark) theanchoragesylvania.com>
X-Mail-Count: 13597


> ipt_recent was a great solution - but over time, I found it had a memory 
> leak. The only way to reclaim memory was a reboot of the server.

This is due to a bug in the recent module.  It is fixed in kernels
2.6.12 and above.  Until then I just do a weekly restart of the
firewall; it takes less than a second and certainly saves bouncing the
server :-)

touch /etc/cron.weekly/fwrestart.cron
chmod 750 /etc/cron.weekly/fwrestart.cron
vi /etc/cron.weekly/fwrestart.cron

   #!/bin/sh
   # Weekly firewall restart to reclaim the memory leaked by ipt_recent
   /etc/rc.d/init.d/iptables restart > /dev/null

I hope this helps

One day I'll fully comment up and publish my firewall rules for everyone
to use; life gets in the way :-/

Dan