Use ratecheck() for ICMP6 rate limiting.

This commit is contained in:
thorpej 2000-02-14 19:45:50 +00:00
parent 2649d26c0e
commit 144759ef2b
2 changed files with 25 additions and 30 deletions

View File

@ -1,4 +1,4 @@
/* $NetBSD: icmp6.c,v 1.19 2000/02/06 12:49:42 itojun Exp $ */
/* $NetBSD: icmp6.c,v 1.20 2000/02/14 19:45:50 thorpej Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -113,7 +113,7 @@ extern u_char ip6_protox[];
struct icmp6stat icmp6stat;
extern struct in6pcb rawin6pcb;
extern u_int icmp6errratelim;
extern struct timeval icmp6errratelim;
extern int icmp6_nodeinfo;
static struct rttimer_queue *icmp6_mtudisc_timeout_q = NULL;
extern int pmtu_expire;
@ -133,7 +133,6 @@ static void icmp6_mtudisc_timeout __P((struct rtentry *, struct rttimer *));
#ifdef COMPAT_RFC1885
static struct route_in6 icmp6_reflect_rt;
#endif
static struct timeval icmp6_nextsend = {0, 0};
void
icmp6_init()
@ -1967,30 +1966,13 @@ icmp6_ratelimit(dst, type, code)
const int type; /* not used at this moment */
const int code; /* not used at this moment */
{
struct timeval tp;
long sec_diff, usec_diff;
static struct timeval icmp6errratelim_last;
/* If we are not doing rate limitation, it is always okay to send */
if (!icmp6errratelim)
return 0;
tp = time;
if (tp.tv_sec < icmp6_nextsend.tv_sec
|| (tp.tv_sec == icmp6_nextsend.tv_sec
&& tp.tv_usec < icmp6_nextsend.tv_usec)) {
/* The packet is subject to rate limit */
return 1;
}
sec_diff = icmp6errratelim / 1000000;
usec_diff = icmp6errratelim % 1000000;
icmp6_nextsend.tv_sec = tp.tv_sec + sec_diff;
if ((tp.tv_usec = tp.tv_usec + usec_diff) >= 1000000) {
icmp6_nextsend.tv_sec++;
icmp6_nextsend.tv_usec -= 1000000;
}
/* it is okay to send this */
return 0;
/*
* ratecheck() returns true if it is okay to send. We return
* true if it is not okay to send.
*/
return (ratecheck(&icmp6errratelim_last, &icmp6errratelim) == 0);
}
static struct rtentry *
@ -2077,8 +2059,21 @@ icmp6_sysctl(name, namelen, oldp, oldlenp, newp, newlen)
return sysctl_rdstruct(oldp, oldlenp, newp,
&icmp6stat, sizeof(icmp6stat));
case ICMPV6CTL_ERRRATELIMIT:
return sysctl_int(oldp, oldlenp, newp, newlen,
&icmp6errratelim);
{
int rate_usec, error;
/*
* The sysctl specifies the rate in usec-between-icmp,
* so we must convert to a timeval.
*/
error = sysctl_int(oldp, oldlenp, newp, newlen, &rate_usec);
if (error)
return (error);
icmp6errratelim.tv_sec = rate_usec / 1000000;
icmp6errratelim.tv_usec = rate_usec % 1000000;
return (0);
}
case ICMPV6CTL_ND6_PRUNE:
return sysctl_int(oldp, oldlenp, newp, newlen, &nd6_prune);
case ICMPV6CTL_ND6_DELAY:

View File

@ -1,4 +1,4 @@
/* $NetBSD: in6_proto.c,v 1.13 2000/02/06 12:49:45 itojun Exp $ */
/* $NetBSD: in6_proto.c,v 1.14 2000/02/14 19:45:50 thorpej Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -322,7 +322,7 @@ u_long rip6_recvspace = RIPV6RCVQ;
/* ICMPV6 parameters */
int icmp6_rediraccept = 1; /* accept and process redirects */
int icmp6_redirtimeout = 10 * 60; /* 10 minutes */
u_int icmp6errratelim = 1000; /* 1000usec = 1msec */
struct timeval icmp6errratelim = { 0, 1000 }; /* 1000usec = 1msec */
int icmp6_nodeinfo = 1; /* enable/disable NI response */
#ifdef TCP6