Date:
Sat Aug 1 09:01:52 2020 UTC
Message:
move extended RCODE's out of the RCODE section those are only 0x00 through 0x0F make a section that shows extended RCODE's that are added to a EDNS0 tag.
/*
* Copyright (c) 2014-2019 Peter J. Philipp
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote products
* derived from this software without specific prior written permission
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
/*
* $Id: ratelimit.c,v 1.7 2019/06/06 14:56:08 pjp Exp $
*/
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/mman.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <syslog.h>
#include <time.h>
#ifdef __linux__
#include <grp.h>
#define __USE_BSD 1
#include <endian.h>
#include <bsd/stdlib.h>
#include <bsd/string.h>
#include <bsd/sys/queue.h>
#define __unused
#include <bsd/sys/tree.h>
#include <bsd/sys/endian.h>
#else /* not linux */
#include <sys/queue.h>
#include <sys/tree.h>
#endif /* __linux__ */
#include "ddd-dns.h"
#include "ddd-db.h"
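/*
 * Rate-limit table interface.
 *
 * In every function below, "size" is the number of timestamps kept per
 * table slot (rrlimit_setup() accepts at most 255), "ip" is a key handed
 * over as an array of 16-bit words that is "sizeip" bytes long, and
 * "rrlimit_ptr" is the table returned by rrlimit_setup().
 * NOTE(review): the key is presumably the client's source address;
 * confirm against the callers.
 */
void add_rrlimit(int size, u_int16_t *ip, int sizeip, char *rrlimit_ptr);
int check_rrlimit(int size, u_int16_t *ip, int sizeip, char *rrlimit_ptr);
extern void dolog(int, char *, ...);
static u_int16_t hash_rrlimit(u_int16_t *ip, int size);
char *rrlimit_setup(int size);

/*
 * View of one table slot.
 *
 * "pointer" is the index of the entry that add_rrlimit() wrote last and
 * "times" holds the timestamps, newest at times[pointer].
 *
 * The array is declared with 256 entries, but the table is laid out with
 * a stride of (size * sizeof(time_t)) + 1 bytes per slot, so only the
 * first "size" entries belong to a slot; anything past that overlaps the
 * neighbouring slots and must never be indexed.  The struct is packed so
 * that "times" starts directly after the one-byte "pointer", which is
 * what the stride arithmetic assumes.
 */
struct rrlimit {
	u_int8_t pointer;
	time_t times[256];
} __attribute__((packed));

/*
 * Not referenced in this file.
 * NOTE(review): presumably the on/off switch set by the configuration
 * code; confirm.
 */
int ratelimit = 0;

/*
 * Threshold used by check_rrlimit(): a key is reported as limited once
 * more than this many recent entries are found in its slot.
 */
int ratelimit_packets_per_second = 6;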
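/*
 * rrlimit_setup() - allocate and zero the shared rate-limit table.
 *
 * The table has 65536 slots, one per possible 16-bit hash value.  Each
 * slot is a one-byte ring index followed by "size" time_t timestamps.
 * The mapping is anonymous and MAP_SHARED, so the table stays shared
 * with any process forked after this call; nothing in this file
 * serialises access to it.
 *
 * size: timestamps per slot, 1..255.
 *
 * Returns the table, or NULL when size is out of range.  A failed mmap()
 * is logged and terminates the process with exit(1).
 */
char *
rrlimit_setup(int size)
{
	size_t len;
	char *ptr;

	/*
	 * A size below 1 leaves no room for a timestamp in a slot, and a
	 * negative one would turn into a huge mapping length once it is
	 * converted to size_t, so both are refused together with sizes
	 * that do not fit the one-byte ring index.
	 */
	if (size < 1 || size > 255)
		return NULL;

	/* Keep the length in size_t instead of narrowing it back to int. */
	len = 65536 * (((size_t)size * sizeof(time_t)) + sizeof(u_int8_t));

	ptr = mmap(NULL, len, PROT_READ | PROT_WRITE,
	    MAP_SHARED | MAP_ANON, -1, 0);
	if (ptr == MAP_FAILED) {
		dolog(LOG_ERR, "failed to setup rlimit mmap segment, exit\n");
		exit(1);
	}

	/* All-zero timestamps read as "long ago" in check_rrlimit(). */
	memset(ptr, 0, len);

	return (ptr);
}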
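/*
 * check_rrlimit() - decide whether the key "ip" is over the rate limit.
 *
 * Looks up the slot selected by hash_rrlimit(ip, sizeip) and counts the
 * consecutive entries, newest first, whose timestamp is at most one
 * second older than now.  Counting stops at the first older entry.
 *
 * size:        timestamps per slot; must be the value given to
 *              rrlimit_setup() (1..255).
 * ip, sizeip:  key as 16-bit words and its length in bytes.
 * rrlimit_ptr: table from rrlimit_setup().
 *
 * Returns 1 when the count exceeds ratelimit_packets_per_second, else 0.
 *
 * Without a usable table (NULL pointer or size out of range) nothing can
 * be counted and 0 is returned, i.e. the limiter fails open; callers
 * that need enforcement must treat a NULL from rrlimit_setup() as a
 * configuration error.
 *
 * Every key that hashes to the same slot shares one budget, so a busy
 * key can cause an unrelated key in the same slot to be reported as
 * limited.  The read is not synchronised with add_rrlimit() running in
 * another process.
 */
int
check_rrlimit(int size, u_int16_t *ip, int sizeip, char *rrlimit_ptr)
{
	struct rrlimit *rl;
	size_t stride;
	u_int8_t offset;
	time_t now;
	int count = 0;
	int i;

	/* Refuse to index a missing table or a slot of impossible size. */
	if (rrlimit_ptr == NULL || size < 1 || size > 255)
		return 0;

	stride = ((size_t)size * sizeof(time_t)) + sizeof(u_int8_t);
	rl = (struct rrlimit *)(rrlimit_ptr +
	    (hash_rrlimit(ip, sizeip) * stride));

	offset = rl->pointer;
	now = time(NULL);

	/* The modulo keeps the index inside this slot's "size" entries. */
	for (i = 0; i < size; i++) {
		if (difftime(now, rl->times[(offset + i) % size]) > 1)
			break;
		count++;
	}

	if (count > ratelimit_packets_per_second)
		return 1;

	return 0;
}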
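/*
 * add_rrlimit() - record one event for the key "ip".
 *
 * Steps the slot's ring index back by one (wrapping to size - 1), stores
 * the current time there and publishes the new index, so times[pointer]
 * is always the newest entry.
 *
 * size:        timestamps per slot; must be the value given to
 *              rrlimit_setup() (1..255).
 * ip, sizeip:  key as 16-bit words and its length in bytes.
 * rrlimit_ptr: table from rrlimit_setup().
 *
 * Does nothing when there is no usable table.
 */
void
add_rrlimit(int size, u_int16_t *ip, int sizeip, char *rrlimit_ptr)
{
	struct rrlimit *rl;
	size_t stride;
	int offset;

	/*
	 * With size < 1 the wrap-around below would produce index -1 and
	 * write in front of the slot; with a NULL table there is nothing
	 * to write to.
	 */
	if (rrlimit_ptr == NULL || size < 1 || size > 255)
		return;

	stride = ((size_t)size * sizeof(time_t)) + sizeof(u_int8_t);
	rl = (struct rrlimit *)(rrlimit_ptr +
	    (hash_rrlimit(ip, sizeip) * stride));

	/*
	 * The stored index is a byte read from shared memory.  Treat any
	 * value that does not fit this slot like the wrap-around case so
	 * the store below cannot land in a neighbouring slot.
	 */
	offset = (int)rl->pointer - 1;
	if (offset < 0 || offset >= size)
		offset = size - 1;

	rl->times[offset] = time(NULL);

	/*
	 * XXX race: the table is shared and nothing here locks it, so two
	 * writers hitting the same slot can overwrite each other's entry
	 * and under-count.
	 */
	rl->pointer = (u_int8_t)offset;
}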
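/*
 * hash_rrlimit() - map a key to a table slot number.
 *
 * Adds up the 16-bit words of the key and reduces the sum modulo 0xffff.
 *
 * ip:   key as an array of 16-bit words.
 * size: length of the key in bytes.
 *
 * Returns a slot number in 0..0xfffe; 0xffff is never produced, so the
 * last slot of the table stays unused.  A NULL key or a length below 1
 * yields 0.
 *
 * The sum is unkeyed and ignores word order, so every key whose words
 * add up to the same value lands in the same slot and shares its budget.
 * NOTE(review): if slot sharing between unrelated clients matters for
 * the deployment, consider a keyed hash here.
 */
static u_int16_t
hash_rrlimit(u_int16_t *ip, int size)
{
	u_int64_t total = 0;
	int words;
	int w;

	if (ip == NULL || size < 1)
		return 0;

	/* Only whole 16-bit words are read as words. */
	words = size / 2;
	for (w = 0; w < words; w++)
		total += (u_int64_t)ip[w];

	/*
	 * An odd length leaves one trailing byte; add it on its own rather
	 * than reading a full word that extends past the end of the key.
	 */
	if (size % 2)
		total += ((const unsigned char *)ip)[size - 1];

	total %= 0xffff;

	return ((u_int16_t)total);
}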