… | |
… | |
197 | // only do action once every x seconds per host whole allowing bursts. |
197 | // only do action once every x seconds per host whole allowing bursts. |
198 | // this implementation ("splay list" ;) is inefficient, |
198 | // this implementation ("splay list" ;) is inefficient, |
199 | // but low on resources. |
199 | // but low on resources. |
200 | struct net_rate_limiter : list<net_rateinfo> |
200 | struct net_rate_limiter : list<net_rateinfo> |
201 | { |
201 | { |
202 | static const double ALPHA = 1. - 1. / 180.; // allow bursts |
202 | static const double ALPHA = 1. - 1. / 600.; // allow bursts |
203 | static const double CUTOFF = 10.; // one event every CUTOFF seconds |
203 | static const double CUTOFF = 10.; // one event every CUTOFF seconds |
204 | static const double EXPIRE = CUTOFF * 30.; // expire entries after this time |
204 | static const double EXPIRE = CUTOFF * 30.; // expire entries after this time |
205 | static const double MAXDIF = CUTOFF * (1. / (1. - ALPHA)); // maximum diff /count value |
205 | static const double MAXDIF = CUTOFF * (1. / (1. - ALPHA)); // maximum diff /count value |
206 | |
206 | |
207 | bool can (const sockinfo &si) { return can((u32)si.host); } |
207 | bool can (const sockinfo &si) { return can((u32)si.host); } |
208 | bool can (u32 host); |
208 | bool can (u32 host); |
209 | }; |
209 | }; |
210 | |
210 | |
211 | net_rate_limiter auth_rate_limiter, reset_rate_limiter; |
211 | net_rate_limiter auth_rate_limiter, reset_rate_limiter; |
212 | |
212 | |