| … | |
… | |
| 197 | // only do action once every x seconds per host whole allowing bursts. |
197 | // only do action once every x seconds per host whole allowing bursts. |
| 198 | // this implementation ("splay list" ;) is inefficient, |
198 | // this implementation ("splay list" ;) is inefficient, |
| 199 | // but low on resources. |
199 | // but low on resources. |
| 200 | struct net_rate_limiter : list<net_rateinfo> |
200 | struct net_rate_limiter : list<net_rateinfo> |
| 201 | { |
201 | { |
| 202 | static const double ALPHA = 1. - 1. / 90.; // allow bursts |
202 | static const double ALPHA = 1. - 1. / 180.; // allow bursts |
| 203 | static const double CUTOFF = 20.; // one event every CUTOFF seconds |
203 | static const double CUTOFF = 10.; // one event every CUTOFF seconds |
| 204 | static const double EXPIRE = CUTOFF * 30.; // expire entries after this time |
204 | static const double EXPIRE = CUTOFF * 30.; // expire entries after this time |
| 205 | |
205 | |
| 206 | bool can (const sockinfo &si) { return can((u32)si.host); } |
206 | bool can (const sockinfo &si) { return can((u32)si.host); } |
| 207 | bool can (u32 host); |
207 | bool can (u32 host); |
| 208 | }; |
208 | }; |
| 209 | |
209 | |
| … | |
… | |
| 621 | fatal ("RSA_public_encrypt error"); |
621 | fatal ("RSA_public_encrypt error"); |
| 622 | |
622 | |
| 623 | slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si); |
623 | slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si); |
| 624 | |
624 | |
| 625 | vpn->send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly |
625 | vpn->send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly |
| 626 | |
|
|
| 627 | |
626 | |
| 628 | delete pkt; |
627 | delete pkt; |
| 629 | } |
628 | } |
| 630 | |
629 | |
| 631 | void |
630 | void |
