Max connections, dos detection like mod_dosevasive, pound plugins
FX <gentoo(at)sbcglobal.net>
2004-12-19 04:01:43
Hi,

Pound 1.8 is fantastic!  Thanks!

I have a few feature requests, please let me know if there are existing 
workarounds that can be used in the meantime.

1.  Can pound drop/reject/redirect requests based on exceeding maximum 
number of connections?  Can this be done on a per-UrlGroup basis?
2.  Can pound detect scripted-repeated-requests based on very simple 
rules like mod_dosevasive?
3.  If the above features won't be implemented, are there plans to 
support c/c++ plugins so that values visible to pound can be utilized to 
determine if a request is dropped or redirected elsewhere?

Re: Max connections, dos detection like mod_dosevasive, pound plugins
Robert Segall <roseg(at)apsis.ch>
2004-12-20 22:07:35
On Sunday 19 December 2004 04.01, FX wrote:[...]

Glad you like it.
[...]

No.
[...]

No.
[...]

No, but let's hear from other list contributors what they think. The idea of 
pluggable modules has come up from time to time, but I have some serious 
reservations (security, complexity).

At least in my opinion these functions are best implemented as part of the 
regular system packet filtering - have a look at the most excellent 
rate-limiting feature of pf on OpenBSD for a good example. Similar 
capabilities are available with iptables.[...]
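
The pf rate limiting mentioned in the reply above, sketched as an added pf.conf fragment (not part of the original thread and not from the Pound project). The table name `<abusers>`, the `egress` interface group, ports 80/443 and all thresholds are assumed values to tune per site.

```pf
# Assumed values throughout: table name, ports and thresholds are illustrative.
# Sources that exceed the limits below are added to this table.
table <abusers> persist

# Drop everything from sources already flagged, before any pass rule matches.
block in quick on egress from <abusers>

# Allow HTTP/HTTPS to the proxy, tracking state per source address:
#   max-src-conn 100       at most 100 concurrent established TCP connections per source
#   max-src-conn-rate 15/5 at most 15 new connections per source in any 5 seconds
#   overload <abusers>     put an offending source into the table
#   flush global           kill all existing states from that source
pass in on egress proto tcp to port { 80 443 } flags S/SA keep state \
    (max-src-conn 100, max-src-conn-rate 15/5, \
     overload <abusers> flush global)

# Operations (run as root):
#   pfctl -t abusers -T show          list currently blocked sources
#   pfctl -t abusers -T expire 3600   remove entries older than one hour
```

pf sees only addresses and ports, so these limits apply per source IP across the whole listener and cannot be scoped to a Pound UrlGroup. Clients sharing one NAT address count as a single source, which is worth considering when choosing thresholds.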
