Improved flood control counting to strictly not allow more than

the given amount of messages in the configured interval.

The previous behavior allowed n+2 messages in the interval, due to
two off by one comparison rules.

In addition, if flooding is detected then each new message after the flooding
is detected will reset the interval timer, which means the client
cannot send another message until the timeout interval expires.
This commit is contained in:
Jan Vidar Krey 2014-05-08 13:30:09 +02:00
parent c26e8aaefe
commit e2b0757f4a
1 changed files with 11 additions and 12 deletions

View File

@ -30,26 +30,25 @@ int flood_control_check(struct flood_control* data, size_t max_count, size_t ti
if (!time_delay || !max_count)
return 0;
if (!data->time)
// No previous message, or a long time since
// the last message. We allow the message.
if (!data->time || ((now - data->time) > time_delay))
{
data->time = now;
data->count = 0;
data->count = 1;
return 0;
}
if ((now - data->time) > time_delay)
{
data->time = now;
data->count = 0;
return 0;
}
if (data->count <= max_count)
{
// increase hit count
data->count++;
return 0;
}
// did we overflow the limits yet?
if (data->count < max_count)
return 0;
// if we continue sending spam messages we extend the flood interval
// based on the last message.
data->time = now;
return 1;
}