hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MXS-1346: Fix the at_times rule

Browse Source 
The rule used the values from the QuerySpeed struct instead of the values
in the rule itself.
This commit is contained in:
Markus Mäkelä
2017-09-05 10:17:59 +03:00
parent b9698f15e7
commit 7272d9401d
2 changed files with 14 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
server/modules/filter/dbfwfilter/dbfwfilter.hh
View File

@ -136,25 +136,17 @@ typedef struct timerange_t
*/ */
struct QuerySpeed struct QuerySpeed
{ {
QuerySpeed(int period = 0, int cooldown = 0, int limit = 0): QuerySpeed():
first_query(0), first_query(0),
triggered(0), triggered(0),
period(period),
cooldown(cooldown),
count(0), count(0),
limit(limit),
id(0),
active(false) active(false)
{ {
} }
time_t first_query; /*< Time when the first query occurred */ time_t first_query; /*< Time when the first query occurred */
time_t triggered; /*< Time when the limit was exceeded */ time_t triggered; /*< Time when the limit was exceeded */
int period; /*< Measurement interval in seconds */
int cooldown; /*< Time the user is denied access for */
int count; /*< Number of queries done */ int count; /*< Number of queries done */
int limit; /*< Maximum number of queries */
long id; /*< Unique id of the rule */
bool active; /*< If the rule has been triggered */ bool active; /*< If the rule has been triggered */
}; };

22
server/modules/filter/dbfwfilter/rules.cc
View File

@ -288,9 +288,9 @@ bool LimitQueriesRule::matches_query(DbfwSession* session, GWBUF* buffer, char**
if (queryspeed->active) if (queryspeed->active)
{ {
if (difftime(time_now, queryspeed->triggered) < queryspeed->cooldown) if (difftime(time_now, queryspeed->triggered) < m_holdoff)
{ {
double blocked_for = queryspeed->cooldown - difftime(time_now, queryspeed->triggered); double blocked_for = m_holdoff - difftime(time_now, queryspeed->triggered);
*msg = create_error("Queries denied for %f seconds", blocked_for); *msg = create_error("Queries denied for %f seconds", blocked_for);
matches = true; matches = true;
@ -305,28 +305,32 @@ bool LimitQueriesRule::matches_query(DbfwSession* session, GWBUF* buffer, char**
} }
else else
{ {
if (queryspeed->count >= queryspeed->limit) if (queryspeed->count >= m_max)
{ {
MXS_INFO("rule '%s': query limit triggered (%d queries in %d seconds), " MXS_INFO("rule '%s': query limit triggered (%d queries in %d seconds), "
"denying queries from user for %d seconds.", name().c_str(), "denying queries from user for %d seconds.", name().c_str(),
queryspeed->limit, queryspeed->period, queryspeed->cooldown); m_max, m_timeperiod, m_holdoff);
queryspeed->triggered = time_now; queryspeed->triggered = time_now;
queryspeed->active = true; queryspeed->active = true;
matches = true; matches = true;
double blocked_for = queryspeed->cooldown - difftime(time_now, queryspeed->triggered); double blocked_for = m_holdoff - difftime(time_now, queryspeed->triggered);
*msg = create_error("Queries denied for %f seconds", blocked_for); *msg = create_error("Queries denied for %f seconds", blocked_for);
} }
else if (queryspeed->count > 0 && else if (queryspeed->count == 0)
difftime(time_now, queryspeed->first_query) <= queryspeed->period) {
queryspeed->first_query = time_now;
queryspeed->count = 1;
}
else if (difftime(time_now, queryspeed->first_query) <= m_timeperiod)
{ {
queryspeed->count++; queryspeed->count++;
} }
else else
{ {
queryspeed->first_query = time_now; /** The time period was exceeded, reset the query count */
queryspeed->count = 1; queryspeed->count = 0;
} }
} }