Commit 6670e881 authored by Daniel Salzman's avatar Daniel Salzman

conf: cache C_RATE_LIMIT_SLIP and C_RATE_LIMIT_WHITELIST

parent fad50f49
/* Copyright (C) 2015 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
/* Copyright (C) 2016 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
......@@ -162,6 +162,8 @@ static void init_cache(
conf->cache.srv_tcp_hshake_timeout = conf_get(conf, C_SRV, C_TCP_HSHAKE_TIMEOUT);
conf->cache.srv_tcp_idle_timeout = conf_get(conf, C_SRV, C_TCP_IDLE_TIMEOUT);
conf->cache.srv_tcp_reply_timeout = conf_get(conf, C_SRV, C_TCP_REPLY_TIMEOUT);
conf->cache.srv_rate_limit_slip = conf_get(conf, C_SRV, C_RATE_LIMIT_SLIP);
conf->cache.srv_rate_limit_whitelist = conf_get(conf, C_SRV, C_RATE_LIMIT_WHITELIST);
}
int conf_new(
......
/* Copyright (C) 2015 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
/* Copyright (C) 2016 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
......@@ -97,6 +97,8 @@ typedef struct {
conf_val_t srv_tcp_hshake_timeout;
conf_val_t srv_tcp_idle_timeout;
conf_val_t srv_tcp_reply_timeout;
conf_val_t srv_rate_limit_slip;
conf_val_t srv_rate_limit_whitelist;
} cache;
/*! List of active query modules. */
......
/* Copyright (C) 2015 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
/* Copyright (C) 2016 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
......@@ -418,8 +418,8 @@ static int ratelimit_apply(int state, knot_pkt_t *pkt, knot_layer_t *ctx)
}
/* Exempt clients. */
conf_val_t whitelist = conf_get(conf(), C_SRV, C_RATE_LIMIT_WHITELIST);
if (conf_addr_range_match(&whitelist, qdata->param->remote)) {
conf_val_t *whitelist = &conf()->cache.srv_rate_limit_whitelist;
if (conf_addr_range_match(whitelist, qdata->param->remote)) {
return state;
}
......@@ -436,8 +436,7 @@ static int ratelimit_apply(int state, knot_pkt_t *pkt, knot_layer_t *ctx)
}
/* Now it is slip or drop. */
conf_val_t val = conf_get(conf(), C_SRV, C_RATE_LIMIT_SLIP);
int slip = conf_int(&val);
int slip = conf_int(&conf()->cache.srv_rate_limit_slip);
if (slip > 0 && rrl_slip_roll(slip)) {
/* Answer slips. */
if (process_query_err(ctx, pkt) != KNOT_STATE_DONE) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment