… | |
… | |
197 | // only do action once every x seconds per host whole allowing bursts. |
197 | // only do action once every x seconds per host whole allowing bursts. |
198 | // this implementation ("splay list" ;) is inefficient, |
198 | // this implementation ("splay list" ;) is inefficient, |
199 | // but low on resources. |
199 | // but low on resources. |
200 | struct net_rate_limiter : list<net_rateinfo> |
200 | struct net_rate_limiter : list<net_rateinfo> |
201 | { |
201 | { |
202 | static const double ALPHA = 1. - 1. / 90.; // allow bursts |
202 | static const double ALPHA = 1. - 1. / 180.; // allow bursts |
203 | static const double CUTOFF = 20.; // one event every CUTOFF seconds |
203 | static const double CUTOFF = 10.; // one event every CUTOFF seconds |
204 | static const double EXPIRE = CUTOFF * 30.; // expire entries after this time |
204 | static const double EXPIRE = CUTOFF * 30.; // expire entries after this time |
205 | |
205 | |
206 | bool can (const sockinfo &si) { return can((u32)si.host); } |
206 | bool can (const sockinfo &si) { return can((u32)si.host); } |
207 | bool can (u32 host); |
207 | bool can (u32 host); |
208 | }; |
208 | }; |
209 | |
209 | |
… | |
… | |
621 | fatal ("RSA_public_encrypt error"); |
621 | fatal ("RSA_public_encrypt error"); |
622 | |
622 | |
623 | slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si); |
623 | slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si); |
624 | |
624 | |
625 | vpn->send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly |
625 | vpn->send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly |
626 | |
|
|
627 | |
626 | |
628 | delete pkt; |
627 | delete pkt; |
629 | } |
628 | } |
630 | |
629 | |
631 | void |
630 | void |