Denial-of-service flood control
Drop connections that are either sending messages too fast to handle or are processing messages so slowly data starts to back up. Adds two new options: -maxreceivebuffer Default: 2000 (2000*1000 bytes) -maxsendbuffer Default: 256 (256*1000 bytes)
This commit is contained in:
parent
cf7c1874fe
commit
9cbae55a6e
12
net.cpp
12
net.cpp
|
@ -748,6 +748,12 @@ void ThreadSocketHandler2(void* parg)
|
|||
CDataStream& vRecv = pnode->vRecv;
|
||||
unsigned int nPos = vRecv.size();
|
||||
|
||||
if (nPos > 1000*GetArg("-maxreceivebuffer", 2*1000)) {
|
||||
if (!pnode->fDisconnect)
|
||||
printf("socket recv flood control disconnect (%d bytes)\n", vRecv.size());
|
||||
pnode->CloseSocketDisconnect();
|
||||
}
|
||||
else {
|
||||
// typical socket buffer is 8K-64K
|
||||
char pchBuf[0x10000];
|
||||
int nBytes = recv(pnode->hSocket, pchBuf, sizeof(pchBuf), MSG_DONTWAIT);
|
||||
|
@ -777,6 +783,7 @@ void ThreadSocketHandler2(void* parg)
|
|||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
//
|
||||
// Send
|
||||
|
@ -806,6 +813,11 @@ void ThreadSocketHandler2(void* parg)
|
|||
pnode->CloseSocketDisconnect();
|
||||
}
|
||||
}
|
||||
if (vSend.size() > 1000*GetArg("-maxsendbuffer", 256)) {
|
||||
if (!pnode->fDisconnect)
|
||||
printf("socket send flood control disconnect (%d bytes)\n", vSend.size());
|
||||
pnode->CloseSocketDisconnect();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue