SECURITY NUMTRIM

Usage: SECURITY NUMTRIM <list|thresh1|limit1|thresh2|limit2>

The 'numtrim' command is used to protect the server from attacks that cause the server to generate large numbers of numerics. Most attacks of this type are already defended against by other methods, so this command is rarely needed. Two trims are used, if needed. The first trim is a gentle trim designed only to disconnect users with outrageously large send queues. The second trim is more aggressive and may disconnect ordinary users to protect the server.

Each trim has a configured threshold which determines whether the trim takes place. By default, the first trim takes place when 128,000 numerics are in flight and the second when 198,000 numerics are (though these may be bumped up on systems with more than 256Mb). Each trim also has a configured limit -- connections that exceed the limit are disconnected. The first limit defaults to 2,000, the second limit defaults to 400 (though these may be bumped up on systems with many users or channels).

Example:
/as security numtrim

Because the 'LIST' code has been rewritten to minimize the number of numerics in flight, this command is generally no longer needed. The expensive command code generally protects against the use of commands like 'NAMES' for this purpose. Thus this command is generally not needed and the defaults are generally sufficient and non-invasive.