Files
MaxScale/server/core
Markus Mäkelä cf86b0cb7e MXS-2414: Prototype connection attempt throttling
The RateLimit class stores authentication failure data mapped by the
client IP addresses. The authentication failures are limited
per thread. The limits are still hard-coded and at least the number of
failures should be made configurable.

The simplest, most maintainable and acceptably efficient implementation
for DDoS protection is a thread-local unordered_map. The unwanted
side-effect of "scaling" of the number of allowed authentication failures
is unlikely to be problematic in most use-cases.

As the blocking of a host is only temporary, the behavior differs from the
one in the MariaDB server. This allows the number of failures to be set to
a much lower value negating some of the problems caused by the relatively
simple implementation.
2019-04-30 14:49:35 +03:00
..
2019-04-16 10:46:02 +03:00
2019-03-11 12:29:56 +02:00
2019-03-21 09:26:06 +02:00
2019-04-12 15:03:02 +03:00
2019-04-30 14:31:47 +03:00
2019-04-26 13:18:37 +03:00
2018-08-10 07:50:18 +03:00
2018-09-09 22:26:19 +03:00
2018-09-09 22:26:19 +03:00
2019-03-22 12:52:56 +02:00
2018-09-09 22:26:19 +03:00
2019-04-12 13:23:49 +03:00
2018-06-25 10:07:52 +03:00
2018-09-09 22:26:19 +03:00
2019-03-27 13:15:14 +02:00
2019-03-28 15:33:09 +02:00
2018-09-09 22:26:19 +03:00
2019-04-05 00:42:00 +03:00