From b463f4f2559a6f0180ba09fb1cb43d51144e95f0 Mon Sep 17 00:00:00 2001
From: Kozlov Dmitry <xeb@mail.ru>
Date: Wed, 18 Jan 2012 18:29:52 +0400
Subject: implemented connlimit module which can be used to reduce system
 overload due to flood of connections

---
 accel-pppd/ctrl/l2tp/l2tp.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'accel-pppd/ctrl/l2tp')

diff --git a/accel-pppd/ctrl/l2tp/l2tp.c b/accel-pppd/ctrl/l2tp/l2tp.c
index af617ba0..9cde03ef 100644
--- a/accel-pppd/ctrl/l2tp/l2tp.c
+++ b/accel-pppd/ctrl/l2tp/l2tp.c
@@ -24,6 +24,8 @@
 #include "iprange.h"
 #include "cli.h"
 
+#include "connlimit.h"
+
 #include "memdebug.h"
 
 #include "l2tp.h"
@@ -622,6 +624,9 @@ static int l2tp_recv_SCCRQ(struct l2tp_serv_t *serv, struct l2tp_packet_t *pack,
 	
 	if (ppp_shutdown)
 		return 0;
+	
+	if (triton_module_loaded("connlimit") && connlimit_check(cl_key_from_ipv4(pack->addr.sin_addr.s_addr)))
+		return 0;
 
 	list_for_each_entry(attr, &pack->attrs, entry) {
 		switch (attr->attr->id) {
-- 
cgit v1.2.3