From b463f4f2559a6f0180ba09fb1cb43d51144e95f0 Mon Sep 17 00:00:00 2001
From: Kozlov Dmitry <xeb@mail.ru>
Date: Wed, 18 Jan 2012 18:29:52 +0400
Subject: implemented connlimit module which can be used to reduce system
 overload due to flood of connections

---
 accel-pppd/ctrl/pppoe/pppoe.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'accel-pppd/ctrl/pppoe')

diff --git a/accel-pppd/ctrl/pppoe/pppoe.c b/accel-pppd/ctrl/pppoe/pppoe.c
index 3742c87..a5a8eb6 100644
--- a/accel-pppd/ctrl/pppoe/pppoe.c
+++ b/accel-pppd/ctrl/pppoe/pppoe.c
@@ -26,6 +26,8 @@
 #include "radius.h"
 #endif
 
+#include "connlimit.h"
+
 #include "pppoe.h"
 
 #include "memdebug.h"
@@ -712,7 +714,7 @@ static int check_padi_limit(struct pppoe_serv_t *serv, uint8_t *addr)
 	struct timespec ts;
 
 	if (serv->padi_limit == 0)
-		return 0;
+		goto connlimit_check;
 
 	clock_gettime(CLOCK_MONOTONIC, &ts);
 
@@ -748,6 +750,10 @@ static int check_padi_limit(struct pppoe_serv_t *serv, uint8_t *addr)
 
 	__sync_add_and_fetch(&total_padi_cnt, 1);
 
+connlimit_check:
+	if (triton_module_loaded("connlimit") && connlimit_check(cl_key_from_mac(addr)))
+		return -1;
+
 	return 0;
 }
 
-- 
cgit v1.2.3