From b463f4f2559a6f0180ba09fb1cb43d51144e95f0 Mon Sep 17 00:00:00 2001 From: Kozlov Dmitry Date: Wed, 18 Jan 2012 18:29:52 +0400 Subject: implemented connlimit module which can be used to reduce system overload due to flood of connections --- accel-pppd/ctrl/pptp/pptp.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'accel-pppd/ctrl/pptp') diff --git a/accel-pppd/ctrl/pptp/pptp.c b/accel-pppd/ctrl/pptp/pptp.c index b9930f3..b785b1f 100644 --- a/accel-pppd/ctrl/pptp/pptp.c +++ b/accel-pppd/ctrl/pptp/pptp.c @@ -23,6 +23,8 @@ #include "utils.h" #include "cli.h" +#include "connlimit.h" + #include "memdebug.h" #define STATE_IDLE 0 @@ -629,6 +631,11 @@ static int pptp_connect(struct triton_md_handler_t *h) continue; } + if (triton_module_loaded("connlimit") && connlimit_check(cl_key_from_ipv4(addr.sin_addr.s_addr))) { + close(sock); + return 0; + } + log_info2("pptp: new connection from %s\n", inet_ntoa(addr.sin_addr)); if (iprange_client_check(addr.sin_addr.s_addr)) { -- cgit v1.2.3