implemented session count limiting

new config option:
[common]
max-sessions=N

If set then accel-pppd stops reply to new connection requests if total number of sessions (active and starting) is reached specified limit.

1 files changed, 9 insertions, 0 deletions

diff --git a/accel-pppd/ctrl/l2tp/l2tp.c b/accel-pppd/ctrl/l2tp/l2tp.c
index 76c679c7..81e3ad59 100644
--- a/accel-pppd/ctrl/l2tp/l2tp.c
+++ b/accel-pppd/ctrl/l2tp/l2tp.c
@@ -2731,6 +2731,9 @@ static int l2tp_recv_SCCRQ(const struct l2tp_serv_t *serv,
 		return 0;
 	}
 
+	if (conf_max_sessions && ap_session_stat.active + ap_session_stat.starting >= conf_max_sessions)
+		return 0;
+
 	if (triton_module_loaded("connlimit")
 	    && connlimit_check(cl_key_from_ipv4(pack->addr.sin_addr.s_addr))) {
 		log_warn("l2tp: connection limits reached,"
@@ -3257,6 +3260,9 @@ static int l2tp_recv_ICRQ(struct l2tp_conn_t *conn,
 		return 0;
 	}
 
+	if (conf_max_sessions && ap_session_stat.active + ap_session_stat.starting >= conf_max_sessions)
+		return 0;
+
 	if (triton_module_loaded("connlimit")
 	    && connlimit_check(cl_key_from_ipv4(conn->peer_addr.sin_addr.s_addr))) {
 		log_tunnel(log_warn, conn, "connection limits reached,"
@@ -3557,6 +3563,9 @@ static int l2tp_recv_OCRQ(struct l2tp_conn_t *conn,
 		return 0;
 	}
 
+	if (conf_max_sessions && ap_session_stat.active + ap_session_stat.starting >= conf_max_sessions)
+		return 0;
+
 	if (triton_module_loaded("connlimit")
 	    && connlimit_check(cl_key_from_ipv4(conn->peer_addr.sin_addr.s_addr))) {
 		log_tunnel(log_warn, conn, "connection limits reached,"