Yes, I use a proxy and both proxy and www-client run on the same machine. But it appears the ident calls came from my firewall where I run a http-gw.
You're absolutely right that I should get rid of that traffic. There is no need for the firewall to ask identd on a local machine. But it should ask identd for connections from outside. Can I configure tcpd so that it only ask outside machines? Currently I have ALL:@@ALL in my /etc/hosts.allow file. Would it suffice to add a line http-gw: [EMAIL PROTECTED] Our local network is 172.26.0.0. Michael -- Dr. Michael Meskes, Projekt-Manager | topsystem Systemhaus GmbH [EMAIL PROTECTED] | Europark A2, Adenauerstr. 20 [EMAIL PROTECTED] | 52146 Wuerselen Go SF49ers! Go Rhein Fire! | Tel: (+49) 2405/4670-44 Use Debian GNU/Linux! | Fax: (+49) 2405/4670-10 >-----Original Message----- >From: Peter Tobias [SMTP:[EMAIL PROTECTED] >Sent: Tuesday, June 17, 1997 2:37 AM >To: Kai Henningsen >Cc: Die Adresse des Empfängers ist unbekannt. >Subject: Re: inetd question > > >As far as I know Michael uses a proxy in the same lan (maybe the client >also runs on this machine). When you get some pages from the local >proxy and the proxy does an ident lookup for each connection you'll get >lots of ident lookups (getting pages from the proxy is quite fast so >you'll get lots of lookups in a very short time). > >> > Using "nowait.120" is of course a solution but it is probably better >> > to find the application that is causing the problem. >> >> It is not clear that there is a problem, other than heavy use. There may >> be, of course, such as ident queries actually causing more ident queries, >> but we don't know yet if something like that happens. > >Getting more than 40 ident lookups a minute is not a usual situation. The >best solution is to find the reason (the sender!) of the ident requests >(if it is a local service/system the ident lookups for that service/system >should probably be turned off). Setting the limit to 120 will keep the >system running but won't reduce the (maybe unnecessary) traffic. If the >number of requests can't be reduced the identd should be run in standalone >mode. > > >Thanks, > >Peter > >-- >Peter Tobias <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> ><[EMAIL PROTECTED]> >PGP ID EFAA400D, fingerprint = 06 89 EB 2E 01 7C B4 02 04 62 89 6C 2F DD F1 >3C > > >-- >TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to >[EMAIL PROTECTED] . >Trouble? e-mail to [EMAIL PROTECTED] . > -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
