Add connection rate limiting.
Tinc now strictly limits incoming connections from the same host to 1 per second. For incoming connections from multiple hosts short bursts of incoming connections are allowed (by default 100), but on average also only 1 connection per second is allowed. When an incoming connection exceeds the limit, tinc will keep the connection in a tarpit; the connection will be kept open but it is ignored completely. Only one connection is in a tarpit at a time to limit the number of useless open connections.
parent 2eba793305
commit 24e3ec863e
6 changed files with 62 additions and 2 deletions
@ -335,6 +335,11 @@ This only has effect when
|
|||
.Va Mode
|
||||
is set to
|
||||
.Qq switch .
|
||||
.It Va MaxConnectionBurst Li = Ar count Pq 100
|
||||
This option controls how many connections tinc accepts in quick succession.
|
||||
If there are more connections than the given number in a short time interval,
|
||||
tinc will reduce the number of accepted connections to only one per second,
|
||||
until the burst has passed.
|
||||
.It Va MaxTimeout Li = Ar seconds Pq 900
|
||||
This is the maximum delay before trying to reconnect to other tinc daemons.
|
||||
.It Va Mode Li = router | switch | hub Pq router
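Review bot: The new MaxConnectionBurst entry documents only the burst count and leaves out the two behaviours an operator most needs when diagnosing refused peers. The commit message says connections from the same host are strictly limited to 1 per second, and that a connection over the limit is held in a tarpit (kept open but ignored, one at a time). Neither appears in the text after ".It Va MaxConnectionBurst Li = Ar count Pq 100". As written, a reader could assume that raising the count also relaxes the per-host limit, or that excess connections are closed rather than left hanging. Suggest adding a sentence stating that the per-host limit of one connection per second applies regardless of this option, and another describing what happens to a connection that exceeds the limit. The phrase "in a short time interval" is also undefined. If the interval is fixed, state it, so the default of 100 can be sized against expected reconnect storms, for example many legitimate nodes reconnecting after a restart.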