-
tcp-clients settings could be exceeded in some cases by creating more and more active TCP clients that are over the set quota limit, which in the end could lead to a DoS attack by e.g. exhaustion of file descriptors. If TCP client we're closing went over the quota (so it's not attached to a quota) mark it as mortal - so that it will be destroyed and not set up to listen for new connections - unless it's the last client for a specific interface. (cherry picked from commit 9ef6eb4c) (cherry picked from commit 264384fb)
ab43e6ca
