Browse Source

Denial-of-service flood control

Drop connections that are either sending messages too fast to handle or are processing messages so slowly data starts to back up.
Adds two new options:
  -maxreceivebuffer  Default: 2000 (2000*1000 bytes)
  -maxsendbuffer     Default: 256  (256*1000 bytes)
0.8
Gavin Andresen 14 years ago
parent
commit
9cbae55a6e
  1. 12
      net.cpp

12
net.cpp

@ -748,6 +748,12 @@ void ThreadSocketHandler2(void* parg) @@ -748,6 +748,12 @@ void ThreadSocketHandler2(void* parg)
CDataStream& vRecv = pnode->vRecv;
unsigned int nPos = vRecv.size();
if (nPos > 1000*GetArg("-maxreceivebuffer", 2*1000)) {
if (!pnode->fDisconnect)
printf("socket recv flood control disconnect (%d bytes)\n", vRecv.size());
pnode->CloseSocketDisconnect();
}
else {
// typical socket buffer is 8K-64K
char pchBuf[0x10000];
int nBytes = recv(pnode->hSocket, pchBuf, sizeof(pchBuf), MSG_DONTWAIT);
@ -777,6 +783,7 @@ void ThreadSocketHandler2(void* parg) @@ -777,6 +783,7 @@ void ThreadSocketHandler2(void* parg)
}
}
}
}
//
// Send
@ -806,6 +813,11 @@ void ThreadSocketHandler2(void* parg) @@ -806,6 +813,11 @@ void ThreadSocketHandler2(void* parg)
pnode->CloseSocketDisconnect();
}
}
if (vSend.size() > 1000*GetArg("-maxsendbuffer", 256)) {
if (!pnode->fDisconnect)
printf("socket send flood control disconnect (%d bytes)\n", vSend.size());
pnode->CloseSocketDisconnect();
}
}
}
}

Loading…
Cancel
Save