From ab9afbc749f24f08f25dcf8bd6f4263b97c79bb9 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Fri, 9 Sep 2016 11:36:10 -0700
Subject: (1) Public networks now get COMs even though they do not gate with
 them since they will need them to push auth for multicast stuff, (2) added a
 bunch of rate limit circuit breakers for anti-DOS, (3) cleanup.

---
 node/Path.hpp | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'node/Path.hpp')

diff --git a/node/Path.hpp b/node/Path.hpp
index 27cff645..6278532d 100644
--- a/node/Path.hpp
+++ b/node/Path.hpp
@@ -104,6 +104,7 @@ public:
 	Path() :
 		_lastOut(0),
 		_lastIn(0),
+		_lastHello(0),
 		_addr(),
 		_localAddress(),
 		_ipScope(InetAddress::IP_SCOPE_NONE)
@@ -113,6 +114,7 @@ public:
 	Path(const InetAddress &localAddress,const InetAddress &addr) :
 		_lastOut(0),
 		_lastIn(0),
+		_lastHello(0),
 		_addr(addr),
 		_localAddress(localAddress),
 		_ipScope(addr.ipScope())
@@ -229,9 +231,22 @@ public:
 	 */
 	inline uint64_t lastIn() const { return _lastIn; }
 
+	/**
+	 * @return True if we should allow HELLO via this path
+	 */
+	inline bool rateGateHello(const uint64_t now)
+	{
+		if ((now - _lastHello) >= ZT_PATH_HELLO_RATE_LIMIT) {
+			_lastHello = now;
+			return true;
+		}
+		return false;
+	}
+
 private:
 	uint64_t _lastOut;
 	uint64_t _lastIn;
+	uint64_t _lastHello;
 	InetAddress _addr;
 	InetAddress _localAddress;
 	InetAddress::IpScope _ipScope; // memoize this since it's a computed value checked often
-- 
cgit v1.2.3