I am interested in knowing if I am missing some obvious point here. This mechanism is working nicely. Are there any better alternatives available without any overhead of cache/locking etc.?
What you're doing sounds fine, but you might be interested in this approach that Randal demonstrates:
http://www.stonehenge.com/merlyn/LinuxMag/col17.html
He is using it to throttle by CPU, but it's easy to make it use number of connections within a time window instead.
- Perrin