mirror of
https://github.com/NLnetLabs/unbound.git
synced 2024-09-21 22:57:08 +00:00
- Fix #1277: disable domain ratelimit by setting value to 0.
git-svn-id: file:///svn/unbound/trunk@4235 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
parent
4e66465e22
commit
71d2d60b85
@ -1,3 +1,6 @@
|
||||
16 June 2017: Ralph
|
||||
- Fix #1277: disable domain ratelimit by setting value to 0.
|
||||
|
||||
16 June 2017: Wouter
|
||||
- Fix #1301: memory leak in respip and tests.
|
||||
- Free callback in edns-subnetmod on exit and restart.
|
||||
|
@ -1202,20 +1202,20 @@ This can make ordinary queries complete (if repeatedly queried for),
|
||||
and enter the cache, whilst also mitigating the traffic flow by the
|
||||
factor given.
|
||||
.TP 5
|
||||
.B ratelimit\-for\-domain: \fI<domain> <number qps>
|
||||
.B ratelimit\-for\-domain: \fI<domain> <number qps or 0>
|
||||
Override the global ratelimit for an exact match domain name with the listed
|
||||
number. You can give this for any number of names. For example, for
|
||||
a top\-level\-domain you may want to have a higher limit than other names.
|
||||
A value of \-1 will disable ratelimiting for that domain.
|
||||
A value of 0 will disable ratelimiting for that domain.
|
||||
.TP 5
|
||||
.B ratelimit\-below\-domain: \fI<domain> <number qps>
|
||||
.B ratelimit\-below\-domain: \fI<domain> <number qps or 0>
|
||||
Override the global ratelimit for a domain name that ends in this name.
|
||||
You can give this multiple times, it then describes different settings
|
||||
in different parts of the namespace. The closest matching suffix is used
|
||||
to determine the qps limit. The rate for the exact matching domain name
|
||||
is not changed, use ratelimit\-for\-domain to set that, you might want
|
||||
to use different settings for a top\-level\-domain and subdomains.
|
||||
A value of \-1 will disable ratelimiting for domain names that end in this name.
|
||||
A value of 0 will disable ratelimiting for domain names that end in this name.
|
||||
.TP 5
|
||||
.B ip\-ratelimit: \fI<number or 0>
|
||||
Enable global ratelimiting of queries accepted per ip address.
|
||||
|
4
services/cache/infra.c
vendored
4
services/cache/infra.c
vendored
@ -893,6 +893,8 @@ int infra_ratelimit_inc(struct infra_cache* infra, uint8_t* name,
|
||||
|
||||
/* find ratelimit */
|
||||
lim = infra_find_ratelimit(infra, name, namelen);
|
||||
if(!lim)
|
||||
return 1; /* disabled for this domain */
|
||||
|
||||
/* find or insert ratedata */
|
||||
entry = infra_find_ratedata(infra, name, namelen, 1);
|
||||
@ -941,6 +943,8 @@ int infra_ratelimit_exceeded(struct infra_cache* infra, uint8_t* name,
|
||||
|
||||
/* find ratelimit */
|
||||
lim = infra_find_ratelimit(infra, name, namelen);
|
||||
if(!lim)
|
||||
return 0; /* disabled for this domain */
|
||||
|
||||
/* find current rate */
|
||||
entry = infra_find_ratedata(infra, name, namelen, 0);
|
||||
|
2
services/cache/infra.h
vendored
2
services/cache/infra.h
vendored
@ -401,7 +401,7 @@ int infra_ratelimit_exceeded(struct infra_cache* infra, uint8_t* name,
|
||||
/** find the maximum rate stored, not too old. 0 if no information. */
|
||||
int infra_rate_max(void* data, time_t now);
|
||||
|
||||
/** find the ratelimit in qps for a domain */
|
||||
/** find the ratelimit in qps for a domain. 0 if no limit for domain. */
|
||||
int infra_find_ratelimit(struct infra_cache* infra, uint8_t* name,
|
||||
size_t namelen);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user