}
}
-static struct rate_limit rl_runtime_err;
+static struct tbf rl_runtime_err = TBF_DEFAULT_LOG_LIMITS;
#define runtime(x) do { \
log_rl(&rl_runtime_err, L_ERR "filters, line %d: %s", what->lineno, x); \
if (res.type != T_RETURN) {
- log( L_ERR "Filter %s did not return accept nor reject. Make up your mind", filter->name);
+ log_rl(&rl_runtime_err, L_ERR "Filter %s did not return accept nor reject. Make up your mind", filter->name);
return F_ERROR;
}
DBG( "done (%u)\n", res.val.i );
H Library functions
S ip.c ipv4.c ipv6.c
S lists.c
-S checksum.c bitops.c patmatch.c printf.c xmalloc.c
+S checksum.c bitops.c patmatch.c printf.c xmalloc.c tbf.c
D resource.sgml
S resource.c
S mempool.c
resource.h
slab.c
socket.h
+tbf.c
unaligned.h
xmalloc.c
printf.c
#endif
+/* Rate limiting */
+
+struct tbf {
+ bird_clock_t timestamp; /* Last update */
+ u16 count; /* Available tokens */
+ u16 burst; /* Max number of tokens */
+ u16 rate; /* Rate of replenishment */
+ u16 mark; /* Whether last op was limited */
+};
+
+/* Default TBF values for rate limiting log messages */
+#define TBF_DEFAULT_LOG_LIMITS { .rate = 1, .burst = 5 }
+
+void tbf_update(struct tbf *f);
+
+static inline int
+tbf_limit(struct tbf *f)
+{
+ tbf_update(f);
+
+ if (!f->count)
+ {
+ f->mark = 1;
+ return 1;
+ }
+
+ f->count--;
+ f->mark = 0;
+ return 0;
+}
+
+
/* Logging and dying */
typedef struct buffer {
#define LOG_BUFFER_SIZE 1024
-
-struct rate_limit {
- bird_clock_t timestamp;
- int count;
-};
-
#define log log_msg
void log_commit(int class, buffer *buf);
void log_msg(char *msg, ...);
-void log_rl(struct rate_limit *rl, char *msg, ...);
+void log_rl(struct tbf *rl, char *msg, ...);
void die(char *msg, ...) NORET;
void bug(char *msg, ...) NORET;
--- /dev/null
+/*
+ * BIRD Library -- Token Bucket Filter
+ *
+ * (c) 2014 Ondrej Zajicek <santiago@crfreenet.org>
+ * (c) 2014 CZ.NIC z.s.p.o.
+ *
+ * Can be freely distributed and used under the terms of the GNU GPL.
+ */
+
+#include "nest/bird.h"
+
+void
+tbf_update(struct tbf *f)
+{
+ bird_clock_t delta = now - f->timestamp;
+
+ if (delta == 0)
+ return;
+
+ f->timestamp = now;
+
+ if ((0 < delta) && (delta < f->burst))
+ {
+ u32 next = f->count + delta * f->rate;
+ f->count = MIN(next, f->burst);
+ }
+ else
+ f->count = f->burst;
+}
struct proto *p = ah->proto;
struct rtable *table = ah->table;
struct proto_stats *stats = ah->stats;
- static struct rate_limit rl_pipe;
+ static struct tbf rl_pipe = TBF_DEFAULT_LOG_LIMITS;
rte *before_old = NULL;
rte *old_best = net->routes;
rte *old = NULL;
static int
rt_prune_step(rtable *tab, int step, int *limit)
{
- static struct rate_limit rl_flush;
+ static struct tbf rl_flush = TBF_DEFAULT_LOG_LIMITS;
struct fib_iterator *fit = &tab->prune_fit;
DBG("Pruning route table %s\n", tab->name);
#include "bgp.h"
-static struct rate_limit rl_rcv_update, rl_snd_update;
+static struct tbf rl_rcv_update = TBF_DEFAULT_LOG_LIMITS;
+static struct tbf rl_snd_update = TBF_DEFAULT_LOG_LIMITS;
/* Table for state -> RFC 6608 FSM error subcodes */
static byte fsm_err_subcode[BS_MAX] = {
}
}
-static struct rate_limit rl_netlink_err;
+static struct tbf rl_netlink_err = TBF_DEFAULT_LOG_LIMITS;
static int
nl_error(struct nlmsghdr *h)
}
static inline void
-krt_trace_in_rl(struct rate_limit *rl, struct krt_proto *p, rte *e, char *msg)
+krt_trace_in_rl(struct tbf *f, struct krt_proto *p, rte *e, char *msg)
{
if (p->p.debug & D_PACKETS)
- log_rl(rl, L_TRACE "%s: %I/%d: %s", p->p.name, e->net->n.prefix, e->net->n.pxlen, msg);
+ log_rl(f, L_TRACE "%s: %I/%d: %s", p->p.name, e->net->n.prefix, e->net->n.pxlen, msg);
}
/*
#ifdef KRT_ALLOW_LEARN
-static struct rate_limit rl_alien_seen, rl_alien_updated, rl_alien_created, rl_alien_ignored;
+static struct tbf rl_alien = TBF_DEFAULT_LOG_LIMITS;
/*
* krt_same_key() specifies what (aside from the net) is the key in
{
if (krt_uptodate(m, e))
{
- krt_trace_in_rl(&rl_alien_seen, p, e, "[alien] seen");
+ krt_trace_in_rl(&rl_alien, p, e, "[alien] seen");
rte_free(e);
m->u.krt.seen = 1;
}
else
{
- krt_trace_in_rl(&rl_alien_updated, p, e, "[alien] updated");
+ krt_trace_in(p, e, "[alien] updated");
*mm = m->next;
rte_free(m);
m = NULL;
}
}
else
- krt_trace_in_rl(&rl_alien_created, p, e, "[alien] created");
+ krt_trace_in(p, e, "[alien] created");
if (!m)
{
e->next = n->routes;
krt_learn_scan(p, e);
else
{
- krt_trace_in_rl(&rl_alien_ignored, p, e, "[alien] ignored");
+ krt_trace_in_rl(&rl_alien, p, e, "[alien] ignored");
rte_free(e);
}
return;
static list *current_log_list;
static char *current_syslog_name; /* NULL -> syslog closed */
-static const bird_clock_t rate_limit_time = 5;
-static const int rate_limit_count = 5;
-
#ifdef USE_PTHREADS
}
-
/**
* log - log a message
* @msg: printf-like formatting string with message class information
}
void
-log_rl(struct rate_limit *rl, char *msg, ...)
+log_rl(struct tbf *f, char *msg, ...)
{
+ int last_hit = f->mark;
int class = 1;
va_list args;
- bird_clock_t delta = now - rl->timestamp;
- if ((0 <= delta) && (delta < rate_limit_time))
- {
- rl->count++;
- }
- else
- {
- rl->timestamp = now;
- rl->count = 1;
- }
-
- if (rl->count > rate_limit_count)
+ /* Rate limiting is a bit tricky here as it also logs '...' during the first hit */
+ if (tbf_limit(f) && last_hit)
return;
- va_start(args, msg);
if (*msg >= 1 && *msg <= 8)
class = *msg++;
- vlog(class, msg, args);
- if (rl->count == rate_limit_count)
- vlog(class, "...", args);
+
+ va_start(args, msg);
+ vlog(class, (f->mark ? "..." : msg), args);
va_end(args);
}
projects / thirdparty / bird.git / commitdiff
