X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=doc%2Fsource%2Fp-config.sgml;h=fff23cd1b07bd0303112d2848d2d1ed5597ff188;hp=2457d3956d5f924bb48b974f9aef65d591ff3367;hb=8cae7e3a5026ceac91afc7e1f0f30a2ebd5ec1bc;hpb=9593b7a0c988a0c0eb9aa8d492a328c909e4778f

diff --git a/doc/source/p-config.sgml b/doc/source/p-config.sgml
index 2457d395..fff23cd1 100644
--- a/doc/source/p-config.sgml
+++ b/doc/source/p-config.sgml
@@ -3,7 +3,7 @@
 
  Purpose     :  Used with other docs and files only.
 
- $Id: p-config.sgml,v 2.48 2009/04/17 11:42:07 fabiankeil Exp $
+ $Id: p-config.sgml,v 2.49 2009/04/19 17:39:55 fabiankeil Exp $
 
  Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
  See LICENSE.
@@ -95,7 +95,7 @@
  Sample Configuration File for Privoxy v&p-version;
 </title>
 <para>
- $Id: p-config.sgml,v 2.48 2009/04/17 11:42:07 fabiankeil Exp $
+ $Id: p-config.sgml,v 2.49 2009/04/19 17:39:55 fabiankeil Exp $
 </para>
 <para>
 Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
@@ -2612,6 +2612,87 @@ forward-socks4, forward-socks4a and forward-socks5</title>
 </sect3>
 
 
+<sect3 renderas="sect4" id="max-client-connections"><title>max-client-connections</title>
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    Maximum number of client connections that will be served.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>
+    <replaceable>Positive number.</replaceable>
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para>None</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    Connections are served until a resource limit is reached.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    &my-app; creates one thread (or process) for every incoming client
+    connection that isn't rejected based on the access control settings.
+   </para>
+   <para>
+    If the system is powerful enough, &my-app; can theoretically deal with
+    several hundred (or thousand) connections at the same time, but some
+    operating systems enforce resource limits by shutting down offending
+    processes and their default limits may be below the ones &my-app; would
+    require under heavy load.
+   </para>
+   <para>
+    Configuring &my-app; to enforce a connection limit below the thread
+    or process limit used by the operating system makes sure this doesn't
+    happen. Simply increasing the operating system's limit would work too,
+    but if &my-app; isn't the only application running on the system,
+    you may actually want to limit the resources used by &my-app;.
+   </para>
+   <para>
+    If &my-app; is only used by a single trusted user, limiting the
+    number of client connections is probably unnecessary. If there
+    are multiple possibly untrusted users you probably still want to
+    additionally use a packet filter to limit the maximal number of
+    incoming connections per client. Otherwise a malicious user could
+    intentionally create a high number of connections to prevent other
+    users from using &my-app;.
+   </para>
+   <para>
+    Obviously using this option only makes sense if you choose a limit
+    below the one enforced by the operating system.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Examples:</term>
+  <listitem>
+   <para>
+    max-client-connections 256
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+<![%config-file;[<literallayout>@@max-client-connections 256</literallayout>]]>
+</sect3>
+
+
 </sect2>
 
 <!--  ~  End section  ~  -->