The QS_EventRequestLimit counts aren't accurate. I have a couple of lines in my config:
BrowserMatchNoCase "googlebot" QS_Cond=google
QS_EventRequestLimit QS_Cond=^google$ 20
using netstat I can watch connections from the googlebot net and compare it to the reported rule counts in the QOS status page. When Apache is first started the counts do as you expect, going up and down with the connection counts. At some point the counts start "ratcheting" up. When the connections are all cleared for a period of time, according to netstat, the rule count won't return to 0. The value that it shows for zero will keep going up until an Apache restart is performed. The values will eventually hit the limit and start blocking all requests that match the event rule.
I've watched the access logs simultaneously to watching netstat and the status page. During the quiet periods I don't see any logged hits that match the rules. I've also changed the "environment" variable used to trigger the rule and used "SetEnvIf Remote_Addr" to set the variable via IP address and get the same results.
Its seems the counts don't decrement when the traffic matching the rule happens fast enough. But that is just a rough observation.
We're using Gentoo x86_64 Linux (up to date), Apache 2.2.21 and mod_qos 9.74.
Log in to post a comment.