lock_rw_unlock(&zones->lock);
}
+/** struct for user arg ratelimit list */
+struct ratelimit_list_arg {
+ /** the infra cache */
+ struct infra_cache* infra;
+ /** the SSL to print to */
+ SSL* ssl;
+ /** all or only ratelimited */
+ int all;
+ /** current time */
+ time_t now;
+};
+
+/** list items in the ratelimit table */
+static void
+rate_list(struct lruhash_entry* e, void* arg)
+{
+ struct ratelimit_list_arg* a = (struct ratelimit_list_arg*)arg;
+ struct rate_key* k = (struct rate_key*)e->key;
+ struct rate_data* d = (struct rate_data*)e->data;
+ char buf[257];
+ int lim = infra_find_ratelimit(a->infra, k->name, k->namelen);
+ int max = infra_rate_max(d, a->now);
+ if(a->all == 0) {
+ if(max < lim)
+ return;
+ }
+ dname_str(k->name, buf);
+ ssl_printf(a->ssl, "%s %d limit %d\n", buf, max, lim);
+}
+
+/** do the ratelimit_list command */
+static void
+do_ratelimit_list(SSL* ssl, struct worker* worker, char* arg)
+{
+ struct ratelimit_list_arg a;
+ a.all = 0;
+ a.infra = worker->env.infra_cache;
+ a.now = *worker->env.now;
+ a.ssl = ssl;
+ arg = skipwhite(arg);
+ if(strcmp(arg, "+a") == 0)
+ a.all = 1;
+ if(a.infra->domain_rates==NULL ||
+ (a.all == 0 && infra_dp_ratelimit == 0))
+ return;
+ slabhash_traverse(a.infra->domain_rates, 0, rate_list, &a);
+}
+
/** tell other processes to execute the command */
static void
distribute_cmd(struct daemon_remote* rc, SSL* ssl, char* cmd)
} else if(cmdcmp(p, "list_local_data", 15)) {
do_list_local_data(ssl, worker);
return;
+ } else if(cmdcmp(p, "ratelimit_list", 14)) {
+ do_ratelimit_list(ssl, worker, p+14);
+ return;
} else if(cmdcmp(p, "stub_add", 8)) {
/* must always distribute this cmd */
if(rc) distribute_cmd(rc, ssl, cmd);
}
/** find the ratelimit in qps for a domain */
-static int infra_find_ratelimit(struct infra_cache* infra, uint8_t* name,
+int infra_find_ratelimit(struct infra_cache* infra, uint8_t* name,
size_t namelen)
{
int labs = dname_count_labels(name);
}
/** find the maximum rate stored, not too old. 0 if no information. */
-static int infra_rate_max(void* data, time_t now)
+int infra_rate_max(void* data, time_t now)
{
struct rate_data* d = (struct rate_data*)data;
int i, max = 0;
printf(" forward [off | addr ...] without arg show forward setup\n");
printf(" or off to turn off root forwarding\n");
printf(" or give list of ip addresses\n");
+ printf(" ratelimit_list [+a] list ratelimited domains\n");
+ printf(" +a list all, also not ratelimited\n");
printf("Version %s\n", PACKAGE_VERSION);
printf("BSD licensed, see LICENSE in source package for details.\n");
printf("Report bugs to %s\n", PACKAGE_BUGREPORT);
projects / thirdparty / unbound.git / commitdiff
