clientlog: limit response rate

When the measured NTP or command request rate of a client exceeds
a threshold, reply only to a small fraction of the requests to reduce
the network traffic. Clients are allowed to send a burst of requests.
Try to detect broken clients which increase the request rate when not
getting replies and suppress the rate limiting for them.

Add ratelimit and cmdratelimit directives to configure the thresholds,
bursts and leak rates independently for NTP and command response rate
limiting. Both are disabled by default. Commands from localhost are
never limited.
Miroslav Lichvar
2015-11-25 13:23:52 +01:00
parent 830135edea
commit b506594c2d
6 changed files with 273 additions and 17 deletions

@@ -33,8 +33,10 @@
extern void CLG_Initialise(void);
extern void CLG_Finalise(void);
extern void CLG_LogNTPAccess(IPAddr *client, time_t now);
extern void CLG_LogCommandAccess(IPAddr *client, time_t now);
extern int CLG_LogNTPAccess(IPAddr *client, time_t now);
extern int CLG_LogCommandAccess(IPAddr *client, time_t now);
extern int CLG_LimitNTPResponseRate(int index);
extern int CLG_LimitCommandResponseRate(int index);
/* And some reporting functions, for use by chronyc. */
/* TBD */
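
Review bot: The changed declarations carry no documentation of their int values: CLG_LogNTPAccess() and CLG_LogCommandAccess() now return int, and the new CLG_LimitNTPResponseRate() and CLG_LimitCommandResponseRate() take an int index, but nothing in the header says what either one means. Please add a comment above these declarations stating what the returned int is (presumably the record index to pass to the limit functions), what is returned when no record is available for the client, and whether the limit functions accept that value or the caller must check it first. The return value of the limit functions should be documented as well (nonzero means drop the response, or allow it), since a caller that reads it the wrong way round would either disable the rate limiting or drop every reply.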