summaryrefslogtreecommitdiff
path: root/controller
diff options
context:
space:
mode:
Diffstat (limited to 'controller')
-rw-r--r--controller/SqliteNetworkController.cpp13
-rw-r--r--controller/SqliteNetworkController.hpp2
2 files changed, 15 insertions, 0 deletions
diff --git a/controller/SqliteNetworkController.cpp b/controller/SqliteNetworkController.cpp
index f6489640..bdf337ec 100644
--- a/controller/SqliteNetworkController.cpp
+++ b/controller/SqliteNetworkController.cpp
@@ -64,6 +64,10 @@
// API version reported via JSON control plane
#define ZT_NETCONF_CONTROLLER_API_VERSION 1
+// Drop requests for a given peer and network ID that occur more frequently
+// than this (ms).
+#define ZT_NETCONF_MIN_REQUEST_PERIOD 5000
+
namespace ZeroTier {
namespace {
@@ -316,6 +320,15 @@ NetworkController::ResultCode SqliteNetworkController::doNetworkConfigRequest(co
return NetworkController::NETCONF_QUERY_INTERNAL_SERVER_ERROR;
}
+ // Check rate limit
+
+ {
+ uint64_t &lrt = _lastRequestTime[std::pair<Address,uint64_t>(identity.address(),nwid)];
+ uint64_t lrt2 = lrt;
+ if (((lrt = OSUtils::now()) - lrt2) <= ZT_NETCONF_MIN_REQUEST_PERIOD)
+ return NetworkController::NETCONF_QUERY_IGNORE;
+ }
+
NetworkRecord network;
memset(&network,0,sizeof(network));
Utils::snprintf(network.id,sizeof(network.id),"%.16llx",(unsigned long long)nwid);
diff --git a/controller/SqliteNetworkController.hpp b/controller/SqliteNetworkController.hpp
index bae11519..002493ec 100644
--- a/controller/SqliteNetworkController.hpp
+++ b/controller/SqliteNetworkController.hpp
@@ -98,6 +98,8 @@ private:
std::string _dbPath;
std::string _instanceId;
+ std::map< std::pair<Address,uint64_t>,uint64_t > _lastRequestTime;
+
sqlite3 *_db;
sqlite3_stmt *_sGetNetworkById;
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-18 12:57:44 +0000