diff options
author | Rainer Gerhards <rgerhards@adiscon.com> | 2008-12-05 00:44:14 +0100 |
---|---|---|
committer | Rainer Gerhards <rgerhards@adiscon.com> | 2008-12-05 00:44:14 +0100 |
commit | e5c2a0014d18aef2fb05e2b92765c318b67fc7bc (patch) | |
tree | 27342cb311d51edf432cb0e00aef7f0cd67b62a1 /plugins | |
parent | e02b553e1fdca5a655a58d03066cfbc4ab41bc85 (diff) | |
parent | 94cab477f5f308e3e8f24a58c381c1c92377c697 (diff) | |
download | rsyslog-e5c2a0014d18aef2fb05e2b92765c318b67fc7bc.tar.gz rsyslog-e5c2a0014d18aef2fb05e2b92765c318b67fc7bc.tar.xz rsyslog-e5c2a0014d18aef2fb05e2b92765c318b67fc7bc.zip |
Merge branch 'beta'
Conflicts:
ChangeLog
configure.ac
doc/manual.html
plugins/imudp/imudp.c
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/imudp/imudp.c | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/plugins/imudp/imudp.c b/plugins/imudp/imudp.c index c2d704dc..037da56d 100644 --- a/plugins/imudp/imudp.c +++ b/plugins/imudp/imudp.c @@ -56,6 +56,10 @@ DEFobjCurrIf(net) DEFobjCurrIf(datetime) static int iMaxLine; /* maximum UDP message size supported */ +static time_t ttLastDiscard = 0; /* timestamp when a message from a non-permitted sender was last discarded + * This shall prevent remote DoS when the "discard on disallowed sender" + * message is configured to be logged on occurance of such a case. + */ static int *udpLstnSocks = NULL; /* Internet datagram sockets, first element is nbr of elements * read-only after init(), but beware of restart! */ static uchar *pszBindAddr = NULL; /* IP to bind socket to */ @@ -190,11 +194,17 @@ processSocket(int fd, struct sockaddr_storage *frominetPrev, int *pbIsPermitted, if(!*pbIsPermitted) { DBGPRINTF("%s is not an allowed sender\n", (char*)fromHostFQDN); if(glbl.GetOption_DisallowWarning) { - // TODO: add rate-limiter, otherwise we have a DoS - errmsg.LogError(0, NO_ERRCODE, "UDP message from disallowed sender %s discarded", - (char*)fromHost); + time_t tt; + + time(&tt); + if(tt > ttLastDiscard + 60) { + ttLastDiscard = tt; + errmsg.LogError(0, NO_ERRCODE, + "UDP message from disallowed sender %s discarded", + (char*)fromHost); + } } - } + } } DBGPRINTF("recv(%d,%d)/%s,acl:%d,msg:%.80s\n", fd, (int) lenRcvBuf, fromHost, *pbIsPermitted, pRcvBuf); |