/* * @param max per-peer, 0 for unlimited * @param totalMax for all peers, 0 for unlimited * @param period ms */ ConnThrottler(int max, int totalMax, long period) { _max = max; _totalMax = totalMax; this.counter = new ObjectCounter<Hash>(); _currentTotal = new AtomicInteger(); SimpleScheduler.getInstance().addPeriodicEvent(new Cleaner(), period); }
/** * Non-SYN packets with a zero SendStreamID may also be queued here so that they don't get thrown * away while the SYN packet before it is queued. * * <p>Additional overload protection may be required here... We don't have a 3-way handshake, so * the SYN fully opens a connection. Does that make us more or less vulnerable to SYN flooding? */ public void receiveNewSyn(Packet packet) { if (!_active) { if (_log.shouldLog(Log.WARN)) _log.warn("Dropping new SYN request, as we're not listening"); if (packet.isFlagSet(Packet.FLAG_SYNCHRONIZE)) sendReset(packet); return; } if (_log.shouldLog(Log.INFO)) _log.info("Receive new SYN: " + packet + ": timeout in " + _acceptTimeout); // also check if expiration of the head is long past for overload detection with peek() ? boolean success = _synQueue.offer(packet); // fail immediately if full if (success) { SimpleScheduler.getInstance().addEvent(new TimeoutSyn(packet), _acceptTimeout); } else { if (_log.shouldLog(Log.WARN)) _log.warn("Dropping new SYN request, as the queue is full"); if (packet.isFlagSet(Packet.FLAG_SYNCHRONIZE)) sendReset(packet); } }